TU Darmstadt / ULB / TUbiblio

Cleaning up the PKI for Long-term Signatures

Vigil, Martín ; Custódio, Ricardo Felipe (2012)
Cleaning up the PKI for Long-term Signatures.
Curitiba PR, Brazil
Conference or Workshop Item, Bibliographie

Abstract

In this paper we present a new approach for the conventional X.509 Public Key Infrastructures (PKI). Our goal is to reduce the effort to handle sig- natures in the long term. The novelty is that a Root CA reissues subordinate certificates of final users, but adjusting validity periods to exclude the periods after a revocation. The Root CA also authenticates timestamps. The result is the cleaned PKI, which is simpler than the conventional PKI because: a) there is no revocation; b) there is no intermediary Certification Authority; c) signatures are trustworthy as long as the used cryptographic algorithms remain secure. As benefits, we reduce the need of timestamps and consequently the demand for storage space and processing time to use signed documents.

Item Type: Conference or Workshop Item
Erschienen: 2012
Creators: Vigil, Martín ; Custódio, Ricardo Felipe
Type of entry: Bibliographie
Title: Cleaning up the PKI for Long-term Signatures
Language: English
Date: November 2012
Publisher: Brazilian Computer Society
Book Title: 12th SBSeg 2012, Brazilian Symposium on Information and Computer System Security
Event Location: Curitiba PR, Brazil
Abstract:

In this paper we present a new approach for the conventional X.509 Public Key Infrastructures (PKI). Our goal is to reduce the effort to handle sig- natures in the long term. The novelty is that a Root CA reissues subordinate certificates of final users, but adjusting validity periods to exclude the periods after a revocation. The Root CA also authenticates timestamps. The result is the cleaned PKI, which is simpler than the conventional PKI because: a) there is no revocation; b) there is no intermediary Certification Authority; c) signatures are trustworthy as long as the used cryptographic algorithms remain secure. As benefits, we reduce the need of timestamps and consequently the demand for storage space and processing time to use signed documents.

Uncontrolled Keywords: Secure Data
Identification Number: TUD-CS-2012-0205
Divisions: 20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra > Public-Key Infrastrukturen (PKI)
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Date Deposited: 04 Aug 2016 15:08
Last Modified: 17 May 2018 13:02
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details