M. Girault. Self-Certi ed Public Keys. In Eurocrypt '91, LNCS 547, pages 490-497. Springer-Verlag, Berlin, 1992.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....by Alice and Bob in a faultless case. The protocol described underneath supposes a resilient channel between the TTP and Alice and between the TTP and Bob. The communication channel between Alice and Bob may be unreliable. The protocol uses a signature scheme based on the GPS signature scheme [34,35]. The GPS signature of a message m is realized on one hand by choosing a random value r and computing t = r mod n where n is a composite modulus and is a basis of order (n) and on the other hand by computing z = r x h(t; m) where x is a secret value associated to y x mod n the ....

M. Girault, Self-certi ed public keys, in: Advances in Cryptology: Proceedings of EuroCrypt'91, Vol. 547 of Lecture Notes in Computer Science, SpringerVerlag, 1991, pp. 490-497.

....TTP have already been proposed [7, 19 21] implying often some communication and computation overheads) In this paper, we propose a new protocol that allow the exchange of an item against a signature while assuring fairness. The protocol, based on the GiraultPoupard Stern (GPS) signature scheme [12, 16] (a variation of the Schnorr signature scheme [17] uses an o ine TTP, acting only in case of problem, which produces the same digital signature that the client and the provider would produce in a normal case. We assume that the communication channel between the provider and the client is ....

....the purpose of a message sent (respectively committed signature , expected message , nal signature , ask for recovery , ask for abort and con rmation of abort ) l is a label identifying, with the identities P and C, the protocol run. The protocol is based on the GPS signature [12, 16]. The signature of a message m is realized on one hand by choosing a random value r and computing t = mod n where n is a composite modulus and is a basis of maximum order, n) and on the other hand by computing z = r xh(t; m) where x is a secret value associated to y x mod n the ....

[Article contains additional citation context not shown here]

M. Girault. Self-certi ed public keys. In Advances in Cryptology: Proceedings of EuroCrypt'91, volume 547 of Lecture Notes in Computer Science, pages 490-497. Springer-Verlag, 1991.

....faultless case. The protocol described underneath supposes a resilient channel between the TTP and Alice and between the TTP and Bob. The communication channel between Alice and Bob may be unreliable. 4. 1 The signature scheme The protocol uses a signature scheme based on the GPS signature scheme [9, 13]. The GPS signature of a message m is realized on one hand by choosing a random value r and computing t = r mod n where n is a composite modulus and is a basis of order (n) and on the other hand by computing z = r x h(t; m) where x is a secret value associated to y x mod n the ....

M. Girault. Self-certi ed public keys. In Advances in Cryptology: Proceedings of EuroCrypt'91, volume 547 of Lecture Notes in Computer Science, pages 490-497. Springer-Verlag, 1991.

....the same (short) password, and presented a password based key exchange scheme proved secure in both the random oracle and the ideal cipher models. The problem of modifying public key schemes to run on low power computing devices has rst received attention in the context of signature schemes [11, 17, 19], and has later spread to the task of having a low power mobile client device exchanges a session key with a powerful server [15, 21, 22] 2 Model In this section we recall the formal model for security against dictionary attacks where the adversary s capabilities are modeled through queries. In ....

M. Girault. Self-Certi ed Public Keys. In Eurocrypt '91, LNCS 547, pages 490-497. Springer-Verlag, Berlin, 1992.

.... solution [16] and the distribution of the certi cate directory function among the terminodes (a VHR like solution) Another approach may be to adopt a system that implicitly guarantees the authenticity of public keys, such as identity based systems [12] and those using implicitly certi ed keys [6]; however, this kind of solution still requires a trusted authority, at least at system initialization. We are investigating the way to provide public key cryptography in a totally self organized manner. 7 Conclusion We have presented a global description of some aspects of the project called ....

M. Girault. Self-certied public keys. In Advances in Cryptology - EUROCRYPT'91, pages 490-497. Springer-Verlag, 1991.

....cate: PKI using Self Certi ed Key Byoungcheon Lee and Kwangjo Kim Information and Communications University, 58 4, Hwaam dong, Yusong gu, Taejon, 305 348, Korea email:fsultan,kkjg icu.ac. kr Abstract Self certi ed key [Gir91, PH97] is a public key which contains the certi cation information of a CA in the public key itself. It provides implicit authentication for the public key while the certi cate based scheme like X.509 provides explicit authentication. Self certi ed key has several advantages over certi cate based ....

....certi cate issued by a certi cate authority(CA) e.g. X.509 [X509] certi cate. In the second case, it can be veri ed implicitly at the time when the key is used for encryption, signature veri cation, key exchange or any other cryptographic usage. The concept of self certi ed key was introduced by [Gir91] and extended in many ways by [PH97] Here user s identity ID, public key y, and the corresponding private key x satisfy a computationally unforgeable relationship, which is veri ed implicitly by proper use of x in any cryptographic protocol. PH97] shows various advantages of self certi ed key: ....

M. Girault, \Self-certied public keys", In Advances in Cryptology: Eurocrypt'91, pages 490 - 497, Springer, 1991.

....then one has con dence that the data (and what the data implies) contained in the certi cate is genuine; in particular one trusts that the user named in the certi cate knows the private key associated with the public key. Implicit certi cates, introduced in the work of G unther [7] and Girault [6], are comprised of a user s identity I and some reconstruction public data P , which together with the CA s public key are used to reconstruct the user s public key. That is, the public key is not explicitly contained in the implicit certi cate. The authenticity of a reconstructed public key is ....

M. Girault, \Self-certied public keys", Advances in Cryptology { Eurocrypt'91, 1991, pp. 490-497.

.... [Zim95] and the distribution of the key distribution server function among the terminodes (a VHR like solution) Another approach may be to adopt a system that implicitly guarantees the authenticity of public keys, such as identity based systems [Sha85] and those using implicitly certi ed keys [Gir91] 6 Incentive to collaborate As we mentioned in Section 5, the Terminodes network relies on the co operative behavior of the terminodes (or, more precisely, their users) One possible approach to stimulate such behavior is to introduce the concept of money and service charges. The natural idea ....

M. Girault. Self-certied Public Keys. In Advances in Cryptology - EUROCRYPT '91, pages 490-497. Springer-Verlag, 1991.

No context found.

M. Girault. Self-Certi ed Public Keys. In Eurocrypt '91, LNCS 547, pages 490-497. Springer-Verlag, Berlin, 1992.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC