Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

Schaad, Jim; Housley, Russell; Kaliski, Burt

doi:10.17487/rfc4055

Cited by 29 publications

(38 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Authentication certificates are X.509 [2] certificates, as profiled by RFCs 3279 [5], 5280 [11], and 4055 [6].…”

Section: Fingerprint Attributementioning

confidence: 99%

Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)

Lennox¹

2017

View full text Add to dashboard Cite

This document specifies how to establish secure connection-oriented media transport sessions over the Transport Layer Security (TLS) protocol using the Session Description Protocol (SDP). It defines the SDP protocol identifier, 'TCP/TLS'. It also defines the syntax and semantics for an SDP 'fingerprint' attribute that identifies the certificate that will be presented for the TLS session. This mechanism allows media transport over TLS connections to be established securely, so long as the integrity of session descriptions is assured.This document obsoletes RFC 4572 by clarifying the usage of multiple fingerprints.

show abstract

“…Authentication certificates are X.509 [2] certificates, as profiled by RFCs 3279 [5], 5280 [11], and 4055 [6].…”

Section: Fingerprint Attributementioning

confidence: 99%

Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)

Lennox¹

2017

View full text Add to dashboard Cite

show abstract

“…It builds on the Cryptographic Message Syntax [24][25][26] from PKCS #7 and presumes authenticated distribution of public keys through a X.509 hierarchical PKI. Supported signature algorithms include RSA (PKCS #1 v1.5 [5] and RSA-PSS [42]), DSA and ECDSA (based on SHA-1 or SHA-2, see [5,15]), and a form of the GOST signature scheme [31].…”

Section: S/mimementioning

confidence: 99%

Linkable message tagging: solving the key distribution problem of signature schemes

Günther

Poettering

2016

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Abstract. Digital signatures are one of the most extensively used cryptographic primitives today. It is well-understood that they guarantee practical security only if the corresponding verification keys are distributed authentically; however, arguably, satisfying solutions for the latter haven't been found yet, or at least aren't in large-scale deployment. This paper introduces a novel approach for cryptographic message authentication where this problem does not arise: A linkable message tagging scheme (LMT) identifies pairs of messages and accompanying authentication tags as related if and only if these tags were created using the same secret key. In other words, in contrast to signature schemes, our primitive does not aim at detecting whether individually considered messages originate from an explicitly specified entity, but instead decides whether all messages from a given collection originate from the same (possibly anonymous) source. The appealing consequence is that our primitive fully avoids public keys and hence elegantly sidesteps the key distribution problem of signature schemes. As an interesting application of LMT we envision an email authentication system with minimal user interaction. Email clients could routinely generate a secret LMT key upon their first invocation, and then equip all outgoing messages with corresponding tags. On the receiver's side, client software could automatically verify for incoming messages whether they indeed originate from the same entity as previously or subsequently received messages with identical sender address. Although this form of authentication does not provide as strong guarantees of message's origin as signature schemes would do, we do believe that trading the apparently discouraging obstacles implied by the authentic distribution of signature verification keys for the assumption that an attacker does not forge every message exchanged between parties is quite attractive. As technical contributions we formalize the notions of LMT and its (more efficient) variant CMT (classifiable message tagging), including corresponding notions of unforgeability. For both variants we propose a range of provably secure constructions, basing on different hardness assumptions, with and without requiring random oracles.

show abstract

“…This object associates the existing object identifier (id-RSASSA-PSS) used for the public key certificates (defined in [RFC4055] and [RFC5912]) with type RSAKeyCapabilities.…”

Section: Rsassa-pss Signature Public Keysmentioning

confidence: 99%

S/MIME Capabilities for Public Key Definitions

Schaad¹

2012

Self Cite

View full text Add to dashboard Cite

show abstract

Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

Cited by 29 publications

References 0 publications

Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)

Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)

Linkable message tagging: solving the key distribution problem of signature schemes

S/MIME Capabilities for Public Key Definitions

Contact Info

Product

Resources

About