874,936 research outputs found
Risk Management in Public Key Infrastructure
Nowadays it is almost impossible not to hear or read about the risks of using computer systems. Top management is becoming more interested in risk management process and their analysis regarding the use of information technologies within their organization. This is due primarily to the Internet boom and high level of dependence of their business to information systems. Risk management is the process that allows IT managers to balance the operational and economic costs of protective measures and obtain assets in mission capability by securing the IT systems and data that help their organizations performances. In this paper we present the risk management processes, the main services offered by the Public Key Infrastructure and security risks that may arise in implementing Public Key Infrastructure.risk management; public key infrastructure; PKI services; PKI risks.
Internet X.509 Public Key Infrastructure Operational Protocols -- LDAPv3
This document describes the features of the Lightweight Directory Access Protocol v3 that are needed in order to support a public key infrastructure based on X.509 certificates and CRLs
Public Key Infrastructure based on Authentication of Media Attestments
Many users would prefer the privacy of end-to-end encryption in their online
communications if it can be done without significant inconvenience. However,
because existing key distribution methods cannot be fully trusted enough for
automatic use, key management has remained a user problem. We propose a
fundamentally new approach to the key distribution problem by empowering
end-users with the capacity to independently verify the authenticity of public
keys using an additional media attestment. This permits client software to
automatically lookup public keys from a keyserver without trusting the
keyserver, because any attempted MITM attacks can be detected by end-users.
Thus, our protocol is designed to enable a new breed of messaging clients with
true end-to-end encryption built in, without the hassle of requiring users to
manually manage the public keys, that is verifiably secure against MITM
attacks, and does not require trusting any third parties
BlockPKI: An Automated, Resilient, and Transparent Public-Key Infrastructure
This paper describes BlockPKI, a blockchain-based public-key infrastructure
that enables an automated, resilient, and transparent issuance of digital
certificates. Our goal is to address several shortcomings of the current TLS
infrastructure and its proposed extensions. In particular, we aim at reducing
the power of individual certification authorities and make their actions
publicly visible and accountable, without introducing yet another trusted third
party. To demonstrate the benefits and practicality of our system, we present
evaluation results and describe our prototype implementation.Comment: Workshop on Blockchain and Sharing Economy Application
LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments
The non-repudiation as an essential requirement of many applications can be
provided by the asymmetric key model. With the evolution of new applications
such as mobile commerce, it is essential to provide secure and efficient
solutions for the mobile environments. The traditional public key cryptography
involves huge computational costs and is not so suitable for the
resource-constrained platforms. The elliptic curve-based approaches as the
newer solutions require certain considerations that are not taken into account
in the traditional public key infrastructures. The main contribution of this
paper is to introduce a Lightweight Public Key Infrastructure (LPKI) for the
constrained platforms such as mobile phones. It takes advantages of elliptic
curve cryptography and signcryption to decrease the computational costs and
communication overheads, and adapting to the constraints. All the computational
costs of required validations can be eliminated from end-entities by
introduction of a validation authority to the introduced infrastructure and
delegating validations to such a component. LPKI is so suitable for mobile
environments and for applications such as mobile commerce where the security is
the great concern.Comment: 6 Pages, 6 Figure
Public Key Infrastructure
U ovom radu bavili smo se infrastrukturom javnog ključa u oznaci PKI. Pogledali smo neke
bitnije dijelove od kojih se PKI sastoji i ukratko ih opisali. Nakon toga, pogledali smo jedan
protokol koji se koristi u praksi, a to je SSL protokol kojega smo ilustrirali na primjeru.
Objasnili smo pojam certifikata koji je građevna jedinica PKI-ja i uz to dali primjer ceritfikata.
Opisali smo model koji daje jasna pravila koja određuju način na koji će se graditi put
certifikata, a to je model povjerenja. Naveli smo neke primjere modela povjerenja i opisali ih
na primjerima. U poglavlju nakon toga rekli smo nešto o budućnosti PKI-a i na kraju smo
objasnili kriptografiju baziranu na identitetu, tj. obradili smo Cocksovu enkripcijsku shemu
baziranu na identitetu, kao jedan oblik ove kriptografije.This paper aims to discuss the Public-key Infrastructure in the PKI label, which includes
and describes some of the more important parts of the PKI. One of the more used protocols,
SSL, was presented along with an example. In this paper certificates as the founding blocks
of PKI were also more thoroughly explained, as well as a model that provides clear rules
which define the certificates path si built, the trust model for which more examples are provided.
The chapter after that discusses the future of PKI and identity-based cryptography,
such as the Cocks Identity-based Encryption Scheme
An identity-based key infrastructure suitable for messaging applications
Abstract—Identity-based encryption (IBE) systems are relatively recently proposed; yet they are highly popular for messaging applications since they offer new features such as certificateless infrastructure and anonymous communication. In this paper, we intended to propose an IBE infrastructure for
messaging applications. The proposed infrastructure requires one registration authority and at least one public key generator and they secret share the master secret key. In addition, the PKG also shares the same master secret with each user in the system in a different way. Therefore, the PKG will never be able to learn the private keys of users under non-collusion assumption. We discuss different aspects of the proposed infrastructure such as security, key revocation, uniqueness of the identities that constitute the main drawbacks of other IBE schemes. We demonstrate that our infrastructure solves many of these drawbacks under certain assumptions
- …