Rekeyed Digital Signature Schemes: Damage containment in the face of key exposure
21 pages
English

Rekeyed Digital Signature Schemes: Damage containment in the face of key exposure

-

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres
21 pages
English
Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

Description

Niveau: Supérieur, Bac+5
Rekeyed Digital Signature Schemes: Damage-containment in the face of key exposure Michel Abdalla? Mihir Bellare† July 2001 Abstract Motivated by the problem of delegating signing keys to vulnerable mobile devices, we de- fine rekeyed digital signature schemes. We provide an adversary model and a strong notion of security for such schemes, and show that the classic self-certification paradigm, properly imple- mented, provably meets this notion of security. We then suggest altnerative solutions, based on identification schemes, and having certain performance benefits compared to self-certification. Keywords: Digital signatures, key exposure, delegation, forward security, identification schemes, proofs of security. ?Dept. of Computer Science & Engineering, University of California at San Diego, 9500 Gilman Drive, La Jolla, California 92093, USA. E-Mail: . URL: Supported by CAPES under Grant BEX3019/95-2. †Dept. of Computer Science & Engineering, University of California at San Diego, 9500 Gilman Drive, La Jolla, CA 92093, USA. E-mail: . URL: Supported in part by a 1996 Packard Foundation Fellowship in Science and Engineering. 1

  • session key

  • input pk

  • digital signature

  • secret key

  • primary public

  • rekeyed encryption

  • ong-schnorr scheme

  • public key

  • associated secret


Sujets

Informations

Publié par
Nombre de lectures 71
Langue English

Exrait

RekeyedDigitalSignatureSchemes:
Damage-containmentinthefaceofkeyexposure

MichelAbdalla

MihirBellare

July2001

Abstract
Motivatedbytheproblemofdelegatingsigningkeystovulnerablemobiledevices,wede-
nerekeyeddigitalsignatureschemes.Weprovideanadversarymodelandastrongnotionof
securityforsuchschemes,andshowthattheclassicself-certicationparadigm,properlyimple-
mented,provablymeetsthisnotionofsecurity.Wethensuggestaltnerativesolutions,basedon
identicationschemes,andhavingcertainperformancebenetscomparedtoself-certication.

Keywords:
Digitalsignatures,keyexposure,delegation,forwardsecurity,identicationschemes,
proofsofsecurity.

Dept.ofComputerScience&Engineering,UniversityofCaliforniaatSanDiego,9500GilmanDrive,La
Jolla,California92093,USA.E-Mail:
mabdalla@cs.ucsd.edu
.URL:
http://www.michelabdalla.net
.Supported
byCAPESunderGrantBEX3019/95-2.

Dept.ofComputerScience&Engineering,UniversityofCaliforniaatSanDiego,9500GilmanDrive,LaJolla,
CA92093,USA.E-mail:
mihir@cs.ucsd.edu
.URL:
http://www-cse.ucsd.edu/users/mihir
.Supportedinpartby
a1996PackardFoundationFellowshipinScienceandEngineering.

1

Contents

1

2

3

4

5

A

B

Introduction

Denitions

Theself-certicationscheme

Therekeyediterated-rootscheme

Comparisonoftworekeyedsignatureschemes

ProofofLemma3.2

ProofofLemma4.4

2

3

5

9

01

41

71

81

  • Accueil Accueil
  • Univers Univers
  • Ebooks Ebooks
  • Livres audio Livres audio
  • Presse Presse
  • BD BD
  • Documents Documents