TU Darmstadt / ULB / TUbiblio

Cleaning up the PKI for Long-term Signatures

Vigil, Martín and Custódio, Ricardo Felipe (2012):
Cleaning up the PKI for Long-term Signatures.
In: 12th SBSeg 2012, Brazilian Symposium on Information and Computer System Security, Brazilian Computer Society, Curitiba PR, Brazil, [Conference or Workshop Item]

Abstract

In this paper we present a new approach for the conventional X.509 Public Key Infrastructures (PKI). Our goal is to reduce the effort to handle sig- natures in the long term. The novelty is that a Root CA reissues subordinate certificates of final users, but adjusting validity periods to exclude the periods after a revocation. The Root CA also authenticates timestamps. The result is the cleaned PKI, which is simpler than the conventional PKI because: a) there is no revocation; b) there is no intermediary Certification Authority; c) signatures are trustworthy as long as the used cryptographic algorithms remain secure. As benefits, we reduce the need of timestamps and consequently the demand for storage space and processing time to use signed documents.

Item Type: Conference or Workshop Item
Erschienen: 2012
Creators: Vigil, Martín and Custódio, Ricardo Felipe
Title: Cleaning up the PKI for Long-term Signatures
Language: ["languages_typename_1" not defined]
Abstract:

In this paper we present a new approach for the conventional X.509 Public Key Infrastructures (PKI). Our goal is to reduce the effort to handle sig- natures in the long term. The novelty is that a Root CA reissues subordinate certificates of final users, but adjusting validity periods to exclude the periods after a revocation. The Root CA also authenticates timestamps. The result is the cleaned PKI, which is simpler than the conventional PKI because: a) there is no revocation; b) there is no intermediary Certification Authority; c) signatures are trustworthy as long as the used cryptographic algorithms remain secure. As benefits, we reduce the need of timestamps and consequently the demand for storage space and processing time to use signed documents.

Title of Book: 12th SBSeg 2012, Brazilian Symposium on Information and Computer System Security
Publisher: Brazilian Computer Society
Uncontrolled Keywords: Secure Data
Divisions: 20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra > Public-Key Infrastrukturen (PKI)
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Event Location: Curitiba PR, Brazil
Date Deposited: 04 Aug 2016 15:08
Identification Number: TUD-CS-2012-0205
Export:
Suche nach Titel in: TUfind oder in Google

Optionen (nur für Redakteure)

View Item View Item