YAO Lin,FAN Qingna,KONG Xiangwei

DOI: https://doi.org/10.3778/j.issn.1002-8331.2011.06.023

2011-01-01

Abstract:As a result of the high mobility of the pervasive computing,the principles communicating with each other usually locate at different domains.To secure the service access and communications,the principles should authenticate each other and establish a fresh session key.A novel inter-domain authentication and key establishment protocol is proposed.The proposed protocol reduces the burden of certificates management by adopting the biometric encryption.After inter-domain mutual authentication,the two principles build a new session key using the signcryption technique.The protocol can defend lots of attacks and its correctness is proven by the SVO logic.

Lin Yao,Lei Wang,Xiangwei Kong,Guowei Wu,Feng Xia

DOI: https://doi.org/10.1016/j.camwa.2010.01.010

IF: 3.218

2010-01-01

Computers & Mathematics with Applications

Abstract:In a pervasive computing environment, mobile users often roam into foreign domains. Consequently, mutual authentication between the user and the service provider in different domains becomes a critical issue. In this paper, a fast and secure inter-domain authentication and key establishment scheme, namely IDAS, is proposed. IDAS adopts Biometrics to guarantee the uniqueness and privacy of users and adopts signcryption to generate a secure session key. IDAS can not only reduce the burden of certificates management, but also protect the users and authentication servers against fraud. Compared with some other authentication methods, our approach is superior with faster key exchange and authentication, as well as more privacy. The correctness is verified with the Syverson and Van Oorschot (SVO) logic. Crown Copyright (C) 2010 Published by Elsevier Ltd. All rights reserved.

PING LUO,MANQIU ZHONG,XIAONING PENG,DAOSHUN WANG

2005-01-01

Abstract:The X.509 framework protocol uses public-key certificate in au- thentication and conversation key negotiation. This framework gains conve- nient user key management, but because of the low speed of asymmetric cryp- tographic algorithms, the speed of handshake is not satisfactory. In this paper, we will present a fast handshake caching protocol that requires a trusted third part caching center but attempts to minimize its involvement in the execu- tion of the protocol, which can greatly enhance the eciency of authentication. With this protocol, even if both sides of communication never contact each other before, they can quickly and conveniently authenticate each other and negotiate the secure conversation key of the communication session from the caching context on the trust path if there is a trust path between them. With the handshake caching protocol, the speed of authentication and conversation key negotiation is 3-4 times faster than the X.509 protocol without reducing the security. Furthermore, we will pay particular attention to the process of the conversation key negotiation, analyze its eciency and security, and discuss some aspects of its formal verification.

Jason Chia,Swee-Huay Heng,Ji-Jian Chin,Syh-Yuan Tan,Wei-Chuen Yau

DOI: https://doi.org/10.3390/sym13081535

2021-08-20

Symmetry

Abstract:Public key infrastructure (PKI) plays a fundamental role in securing the infrastructure of the Internet through the certification of public keys used in asymmetric encryption. It is an industry standard used by both public and private entities that costs a lot of resources to maintain and secure. On the other hand, identity-based cryptography removes the need for certificates, which in turn lowers the cost. In this work, we present a practical implementation of a hybrid PKI that can issue new identity-based cryptographic keys for authentication purposes while bootstrapping trust with existing certificate authorities. We provide a set of utilities to generate and use such keys within the context of an identity-based environment as well as an external environment (i.e., without root trust to the private key generator). Key revocation is solved through our custom naming design which currently supports a few scenarios (e.g., expire by date, expire by year and valid for year). Our implementation offers a high degree of interoperability by incorporating X.509 standards into identity-based cryptography (IBC) compared to existing works on hybrid PKI–IBC systems. The utilities provided are minimalist and can be integrated with existing tools such as the Enterprise Java Bean Certified Authority (EJBCA).

张雪琳,马跃,王玮,徐塞虹

DOI: https://doi.org/10.3321/j.issn:1000-6788.2004.03.015

2004-01-01

Abstract:Public Key Infrastructure (PKI) is a infrastructure of asymmetric encryption that delivers strong capabilities for services such as data confidentiality,authentication,integrity and non-repudiation to effectively mitigate various risks involved in a network environment. The PKI infrastructure ensures that the availability of a well conceived combination of services,communications methods and protocols to its constituent applications and programs. It means that the infrastructure provides a blanket to enable the interoperability of its constituent parts for available,reliable,and unobtrusive security services. In this paper,a model of CRL disribution is set up. By analyzing the revocation delay,we get the expression of revocation delay.The simulation result is also given,which proved correctness of our analysis .

Kai Lei,Zhongjie Wang

DOI: https://doi.org/10.1109/iccse.2012.6295245

2012-01-01

Abstract:Content-Centric Networking (CCN) is a predominant substitute of the current TCP/IP networking and it is proposed to be the next generation Internet foundation. The evident characteristic of this network architecture is caching and indexing contents by the inner nodes - the routers, so as to reduce the redundant transmission and thereby shorten the distance between user and content. In this paper, we propose and implement a user authentication scheme over CCN. We adopt the trust model based on certificate authority (CA) to provide the service of binding certificate with user's identity, and help user determine the authenticity and reliability of the publisher of the network content. Also the specialized CA we designed for CCN takes advantage of the decentralization characteristic and cache mechanism of CCN to distribute the certificates and certificate revocation list (CRL) into the network, and it reduces the load of the CA central server when retrieving and verifying certificates. Besides, we propose a timeline-based method to segment the CRL with certificate issue date, thereby making the retrieval of CRL more effective.

Abba Garba,Qinwen Hu,Zhong Chen,Muhammad Rizwan Asghar

DOI: https://doi.org/10.1109/hpcc-smartcity-dss50907.2020.00108

2020-01-01

Abstract:Recently, real-world attacks against the web Public Key Infrastructure (PKI) have arisen more frequently. The current PKI that use Registration Authorities/Certificate Authorities (RAs/CAs) model suffer from notorious security vulnerabilities. Most of these vulnerabilities are due to compromises of RAs, which lead to impersonation attacks resulting in CAs misbehaving to issue bogus certificates. To counter this problem, many approaches, such as Certificate Transparency (CT), ARPKI, and PoliCert, have been proposed. Nonetheless, no solution has yet gained widespread acceptance as a result of complexity and deployability issues. Moreover, existing approaches still require to satisfy complicated interactions and synchronisation among the entities that are involved during certificate issuance, updates, and revocations. In this paper, we propose a new Blockchain-Based PKI (BB-PKI) to address these vulnerabilities of CA misbehaviour caused by impersonation attacks against RAs. Certificate Issuance Request (CIR) should be vouched by manifold RAs. Multiple CAs shall sign and issue the certificate using an out-of-band secure communication channel. Any RA that contributes to the verification process of a user's request can publish the certificate in the blockchain by creating a smart contract certificate transaction. BB-PKI offers strong security guarantees, compromising $n - 1$ of the RAs or CAs is not enough to launch impersonation attacks, meaning that attackers cannot compromise more than the threshold of the latter signatures to launch an attack.

LI Dong-feng,WEI Ming-Xin,LI Wei-ping

DOI: https://doi.org/10.3969/j.issn.1009-8054.2011.09.049

2011-01-01

Abstract:As considerable quantities of complex cryptographic computation should be done on client side in the traditional public key cryptosystems,it's difficult for the PKI technology to be used in the special case with weak computation capability. In addition,the communication between digital certificate and authentication is required,thus to obtain the CRLs as certificate chain and verify the validity of online certificate,this would greatly reduce the application and development of public key cryptographic technology. In the proposed proxy-based application model,the computation and communication are completed via the proxy service,and the client just needs to send standard application request and accept the corresponding response,thus effectively simplifying the application of public key cryptography.

Chengyuan Zhang,Changqing An,Tao Yu,Zhiyan Zheng,Jilong Wang

DOI: https://doi.org/10.1109/noms59830.2024.10575605

2024-01-01

Abstract:The validity and efficiency of certificate revocation in today's web Public Key Infrastructure (PKI) are consistently overlooked. In this paper, we analyse current certificate revocation schemes from the perspective of Certificate Authorities (CAs) and browsers. We find that the average size of CRL files collected from popular CAs can be as large as 2MB and the average response time of OCSP is around 430ms, which means that the time overhead brought by current certificate revocation schemes is not negligible. Moreover, browsers often fail to perform the revocation check correctly and allow websites to use revoked certificates, which can help attackers to launch man-in-the-middle attacks using fraudulent certificates.We also summarise existing problems and propose a novel certificate revocation scheme utilizing DNS resource records for efficient and privacy-preserving distribution. We have implemented a prototype to evaluate the performance of our scheme, and test results show that our scheme is time-efficient and able to withstand realistic workloads. We hope that our work can stimulate further discussion of the problems in Web PKI.

Xiangyang Wang,Chunxiang Gu,Siqi Lu,Xi Chen

DOI: https://doi.org/10.1117/12.2628502

2022-04-22

Abstract:This paper studies the password-based strong authentication key exchange protocol in the cross-domain scenario, and gives an end-to-end highly secure C2C-PAKE protocol, in which the server shares a password with the client and also has a pair of private/public keys. In contrast, the client has the shared password and the server's public-key. Specifically, we combine the ECQV implicit certificate scheme with the ECDH key exchange protocol to give a highly secure cross-domain protocol. Considering the application of the ECQV implicit certificate scheme in the Internet of Things (IoT), we give an analysis the possibility of the proposed protocol applied in the cross-domain scenario of the IoT. Finally, based on some common attacks, we show a security analysis of our protocol, which achieves perfect forward security and resists dictionary attacks, KCI attacks, replay attacks, Insider-Assisted attacks, and so on.

Xiaolin Zhang,Chenghao Chen,Kailun Qin,Yuxuan Wang,Shipei Qu,Tengfei Wang,Chi Zhang,Dawu Gu

2024-10-26

Abstract:The signing key exposure of Certificate Authorities (CAs) remains a critical concern in PKI. These keys can be exposed by carefully designed attacks or operational errors even today. Traditional protections fail to eliminate such risk and one leaked key is enough to compromise the CA. This long-standing dilemma motivates us to consider removing CAs' signing keys and propose Armored Core, the first PKI security extension using the trusted binding of Physically Unclonable Function (PUF) for certificate operations. It makes key exposure impossible by eliminating the digital signing keys in CA. To achieve this, we design a set of PUF-based X.509v3 certificate functions for CAs to generate physically trusted "signatures" without using a digital key. Moreover, we introduce a novel PUF transparency mechanism to effectively monitor the PUF operations in CAs. We integrate Armored Core into real-world PKI systems including Let's Encrypt Pebble and Certbot. We also provide a PUF-embedded RISC-V CPU prototype. The evaluation results show that Armored Core can offer stronger security guarantees through signing key removal and without causing any extra overhead, but improves the overall performance by 11% on storage and 4.9%-73.7% on computation.

Cryptography and Security

Xiaolin Zhang,Chenghao Chen,Kailun Qin,Yuxuan Wang,Shipei Qu,Tengfei Wang,Chi Zhang,Dawu Gu

2024-09-06

Abstract:The signing key exposure of Certificate Authorities (CAs) remains a critical concern in PKI. These keys can be exposed even today by various attacks or operational errors. Traditional protections fail to eliminate such risk and one leaked key is enough to compromise the CA. This long-standing dilemma motivates us to consider removing CAs' signing keys and propose Armored Core, a PKI security extension using the trusted binding of Physically Unclonable Function (PUF) for certificate operations. It makes key exposure impossible by eliminating the digital signing keys for CA. To achieve this, we design a set of PUF-based X.509v3 certificate functions for CAs to generate physically trusted "signatures" without using a digital key. We have presented cryptographic proofs for these functions. Moreover, we introduce the first PUF transparency mechanism to effectively monitor the PUF operations in CAs. Armored Core is integrated into real-world PKI systems including Let's Encrypt Pebble and Certbot. We also provide a PUF-embedded RISC-V CPU prototype to verify the feasibility. The evaluation results show that Armored Core achieves key removal without introducing extra overhead, but improves the performance by 11% on storage and 4.9%~73.7% on computation.

Cryptography and Security

Zhou Zhou,Huang Yongfeng,Li Xing

DOI: https://doi.org/10.3321/j.issn:1001-0505.2007.z1.022

2007-01-01

Abstract:A novel authentication framework,which is named central identity-code assignment and distributed authentication(CIADA),is proposed in order to meet the demands of the secure authentication for nodes in the peer-to-peer(P2P) network.The "trusted third party"(TTP) trust model is improved,and the secure dynamic accumulator is utilized to carry out the authentication protocol.The authentication among nodes is implemented efficiently.The dynamic entering or leaving of nodes is supported,and the authentication among domains and the combination of domains are allowed.CIADA takes full account of the characters of P2P network such as self-organization,dynamic and scalability.It is in the same secure intension as public key infrastructure(PKI) but without the defects in keys' issue and revoking and the authentication among domains of other existed distributed authentication protocols.So CIADA is more suitable for the secure authentication of nodes in the P2P network.

Hongjun Lin,Ping Luo,Daoshun Wang

DOI: https://doi.org/10.1016/j.jnca.2008.03.001

IF: 7.574

2008-01-01

Journal of Network and Computer Applications

Abstract:To solve the scalability problems of the identity authentication model based on CA for application in large distributed networks, adopting a rigorous binary tree code algorithm, we present a distributed identity authentication model based on public keys. The advantages of our model are described as follows: First, it has good scalability and is suitable for large-scale distributed networks. Second, the authentication path is short, with no more than two entities intervening. Third, it does not require users to inquire about certificate revocation lists.

Zhong CHEN,Hongwei MENG,Zhi GUAN

DOI: https://doi.org/10.19363/j.cnki.cn10-1380/tn.2016.02.004

2016-01-01

Abstract:The characteristics of intrinsic security in the future Internet architecture have been used to conquer the secu-rity problems of current Internet. Self-certifying addresses are introduced in future Internet architecture (FIA) to enable the intrinsic security properties. However, without PKI, these approaches in FIA miss the intrinsic binding between user-level descriptor, network-level identifier and correspondent public key. To this end, a naming scheme of Self-Certifying Identi-fier in FIA based on Combined Public Key (CPK), named as SCI-CPK, is proposed in this paper. The use cases of identity authentication based on SCI-CPK in FIA designs are also given, including XIA, MobilityFirst and NDN. The analysis shows that the proposed method is benefit of ubiquitous access and vast mobility scenario in the future Internet.

Hongwei Meng,Zhong Chen,Jian-bin Hu,Zhi Guan

DOI: https://doi.org/10.1145/2935663.2935676

2016-01-01

Abstract:In order to enable intrinsic security without the Public Key Infrastructure (PKI) deployment, flat self-certifying addresses have been involved into the future Internet architecture (FIA) designs. In contrast to deriving a self-certifying address from hashing of a correspondent prepared public key, we build up this self-certifying relationship along the reverse path using Combined Public Key (CPK). Our design develop the chain of trust embedded in the Internet name/address registration and allocation process for domains, hosts, services and content, to establish intrinsic bindings between three different identities: user-level human-readable names, network-level routable flat identifiers and the correspondent public keys. This binding connects the accountability between real-world space and network space. The use cases of our design are also given in named data networking (NDN) and identity/locator splitting network architecture, i.e. XIA and MobilityFirst. The analysis also shows that identity authentication based on CPK is capable of resource-constrained nodes in large-scale networks without scalability tradeoffs.

Yue Fu,Rong Du,Dagang Li

DOI: https://doi.org/10.1007/978-3-030-00018-9_25

2018-01-01

Abstract:Under some applications, identity-authentication must be involved into block-chain systems. However, the introduction of traditional PKI mechanism in block-chain systems is not proper for 3 reasons: (1) a centralized certification authority (CA) represents a single point of failure in the network; (2) the numbers and locations of nodes vary in time; (3) it introduces additional centralized factors in the block-chain system that is already decentralized. For the sake of decentralization multi-CA scenario is considered to distribute CA-functionality to nodes. Further, armed with secret sharing scheme, a practical distributed CA-based PKI scheme is proposed that is well-associated with existed mechanisms (such as POW) in the original system. Finally, solutions of verification and multi-level assigning issues are constructed via verifiable secret sharing and multilevel secret sharing tools.

Joel Höglund,Samuel Lindemer,Martin Furuhed,Shahid Raza

DOI: https://doi.org/10.1016/j.cose.2019.101658

2020-02-01

Abstract:Public Key Infrastructure is the state-of-the-art credential management solution on the Internet. However, the millions of constrained devices that make of the Internet of Things currently lack a centralized, scalable system for managing keys and identities. Modern PKI is built on a set of protocols which were not designed for constrained environments, and as a result many small, battery-powered IoT devices lack the required computing resources. In this paper, we develop an automated certificate enrollment protocol light enough for highly constrained devices, which provides end-to-end security between certificate authorities (CA) and the recipient IoT devices. We also design a lightweight profile for X.509 digital certificates with CBOR encoding, called XIOT. Existing CAs can now issue traditional X.509 to IoT devices. These are converted to and from the XIOT format by edge devices on constrained networks. This procedure preserves the integrity of the original CA signature, so the edge device performing certificate conversion need not be trusted. We implement these protocols within the Contiki embedded operating system and evaluate their performance on an ARM Cortex-M3 platform. Our evaluation demonstrates reductions in energy expenditure and communication latency. The RAM and ROM required to implement these protocols are on par with the other lightweight protocols in Contiki's network stack.

computer science, information systems

Zhiwei Gao,Ping Luo,Zhimin Gu,Hongjun Liu

DOI: https://doi.org/10.1109/mue.2007.33

2007-01-01

Abstract:Establishing trust on certificates across multiple domains requires an efficient certification path discovery algorithm. In this work, we propose and implement a model based on rigorous binary tree algorithm for efficient certification path discovery. Our model has four advantages. First, there is no any bottleneck problem when establishing a certification path. Second, its authentication path is short with no more than two entities intervened. Third, not need to inquire about a certificate revolution list. Fourth, it's easy to extend and suitable for large-scale network.

Liu Duan-yang,Pan Xue-zeng,Ping Ling-di

DOI: https://doi.org/10.1631/jzus.2003.0555

2003-01-01

Abstract:Distributed certification via threshold cryptography is much more secure than other ways to protect certification authority (CA)'s private key, and can tolerate some intrusions. As the original system such as ITTC, etc., is unsafe, inefficient and impracitcal in actual network environment, this paper brings up a new distributed certification scheme, which although it generates key shares concentratively, it updates key shares distributedly, and so, avoids single-point failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol, but can also change the threshold (t, k) flexibly and robustly, and so, is much more practical. In this work, the authors implement the prototype system of the new scheme and test and analyze its performance.