Distributing security-mediated PKI

Vanrenen, Gabriel; Smith, Sean W.; Marchesini, John

doi:10.1007/s10207-005-0076-x

Cited by 9 publications

(4 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“… to use a custom hardware‐accelerated encryption and storage platform. In is described a platform for implementing a distributed security‐mediated PKI using a peer‐to‐peer system. The work includes the use of a trusted computing platform in order to secure the communications between couples of islands and form a distributed PKI.…”

Section: Related Workmentioning

confidence: 99%

Protecting mobile agents communications in pervasive networks with a trusted distributed mediator for ID‐based RSA

Maccari

Fantacci

Pecorella

et al. 2013

Security Comm Networks

View full text Add to dashboard Cite

This paper proposes a new method of data authentication and encryption for distributed networks supporting mobile software agents. Software agents are a valuable instrument in wireless distributed monitoring networks, because they can be used to concentrate monitoring efforts in certain areas where an event is taking place. In this way, events can be tracked in a dynamic and efficient way. Mobile agents have to send messages to each other in order to coordinate their actions, and those messages need to be secured by crypto credentials. However, when agents are moved over wireless networks, how can credentials be protected from sniffing by an attacker, besides layer II encryption? Moreover, if a rogue agent is injected in the network, is it possible to limit the damages it can produce? The proposed approach bridges mediated RSA with the trusted platform modules, in order to provide an efficient and secure communication between agents. The communication is secured using indeed Identity based cryptography, while maintaing the compatibility with standard RSA and eliminating the mediator introduced by mediated RSA. We will show that this approach is convenient in terms of traffic overhead, perfectly applicable to existing trusted platform modules specifications and able to limit damages that both external and internal attackers can produce to the network. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

Section: Related Workmentioning

confidence: 99%

Protecting mobile agents communications in pervasive networks with a trusted distributed mediator for ID‐based RSA

Maccari

Fantacci

Pecorella

et al. 2013

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…One of the standard solutions is to apply threshold cryptography to distribute the SEMkey. In [20], apart from assigning one of the SEMs to hold the original SEM-key, the SEM-key is replicated in the form of a number of shares across multiple SEMs. However, their solution have not considered obtaining partial token from the SEMs holding a share of the SEM-key.…”

Section: Sem Predefined Instant Escrow Implicit Freementioning

confidence: 99%

Security-Mediated Certificateless Cryptography

Chow

Boyd

Nieto

2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We introduce the notion of security-mediated certificateless (SMC) cryptography. This allows more lightweight versions of mediated cryptography while maintaining the ability for instantaneous revocation of keys. Moreover, our solutions avoid key escrow, which has been used in all previous mediated cryptography algorithms. We provide a model of security against a fully-adaptive chosen ciphertext attacker, who may be a rogue key generation centre or any coalition of rogue users. We present a generic construction and also a concrete algorithm based on bilinear pairings. Our concrete scheme is more efficient than the identity-based mediated encryption scheme of Baek and Zheng in PKC 2004 which is provably secure in a comparable security model. In addition, our proposals can be easily extended to support distributed security mediators.

show abstract

“…Our lab has investigated and developed a number of applications for the IBM 4758 secure coprocessor including hardening Apache [14,33] (as noted earlier), enhancing privacy [11], hardening S/MIME [23], and exploring new PKI architectures [18,41]. Many of these projects were repeatedly hampered by the 4758's relatively weak computational power and lack of space.…”

Section: Related Workmentioning

confidence: 99%