Halo: A Hierarchical Identity-Based Public Key Infrastructure for Peer-to-Peer Opportunistic Collaboration

2009 ◽  
Author(s):  
Fu-Kuo Tseng ◽  
John K. Zao ◽  
Yung-Hsiang Liu ◽  
Fang-Po Kuo
Keyword(s):  
Peer To Peer ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Identity Based

scholarly journals Secure message routing in structured peer-to-peer networks

2021 ◽  
Author(s):  
Abdolkarim Hajfarajollah Dabbagh
Keyword(s):  
Public Key Cryptography ◽  
Peer To Peer ◽  
Public Key ◽  
Message Delivery ◽  
Delivery Time ◽  
P2p Networks ◽  
Security Measures ◽  
Message Routing ◽  
Security Issues ◽  
Identity Based

"Due to the lack of a centralized server in “Peer-to-Peer” (P2P) networks, users are responsible for the security of these networks. One of the security issues in P2P networks is the security of the message routing. Messages could be altered or modified by attackers while being routed. The conventional security method to avoid this has been “Public Key Cryptography” (PKC). To avoid the certificate management issue in PKC, “Identity-based Encryption” (IBE) has been suggested in which any arbitrary string could be used as a public key. Since IBE is a computationally expensive method, current proposed IBE-based methods are not effective in the message routing phase in P2P networks and highly affect the performance of message delivery time in these networks. This thesis proposes two IBE-based protocols that can be applied effectively to the message routing phase of structured P2P networks, yet provide a satisfactory message delivery time performance. Both protocols benefit from Identity-based key exchange scheme and, therefore, none of them impose any extra communication on the network to secure message routing. Protocol 1 significantly improves the performance of message delivery time compared to the current IBE-based proposed methods. Protocol 2, which requires nodes to store data, has a performance similar to the situations in which no security measures are applied for message routing."

Research on the Application of IBE in IEC61850 Substation Automation System

2011 ◽  
Vol 130-134 ◽  
pp. 2805-2808
Author(s):  
Shao Ping Yin
Keyword(s):  
Public Key Infrastructure ◽  
Public Key ◽  
Communication Security ◽  
Automation System ◽  
Paper Briefly ◽  
Iec 61850 ◽  
Smart Grid Communications ◽  
Identity Based ◽  
Substation Automation ◽  
Reasonable Choice

In order to reap the benefits promised by the Smart Grid, communications between the IEDs in IEC 61850 Substation Automation System (SAS) will need to be made much more secure.Traditional security solutions based on Public Key Infrastructure (PKI) are calculation intensive and introduces latency that will be difficult to meet substation environmental and electrical requirements, so they are not well suited for IEC 61850 SAS. Identity based encryption (IBE) schemes, introduced by Shamir in 1984 [5] are based on the idea to use participant’s unique identities as public key and public key directories are unnecessary. Thus, utilizing IBE in IEC 61850 SAS is a reasonable choice. This paper briefly introduces the features of IEC 61850 SAS communication security and IBE and then propose an IBE-based Self Private Key Generated (SPKG) encryption scheme to establish encryption system in IEC 61850 SAS. Advantages of this SPKG Scheme are also discussed in the paper.

scholarly journals An Implementation Suite for a Hybrid Public Key Infrastructure

Symmetry ◽  
2021 ◽  
Vol 13 (8) ◽  
pp. 1535
Author(s):  
Jason Chia ◽  
Swee-Huay Heng ◽  
Ji-Jian Chin ◽  
Syh-Yuan Tan ◽  
Wei-Chuen Yau
Keyword(s):  
Public Key Infrastructure ◽  
Public Key ◽  
Practical Implementation ◽  
Public And Private ◽  
Industry Standard ◽  
Cryptographic Keys ◽  
Identity Based ◽  
Identity Based Cryptography ◽  
The Cost ◽  
Enterprise Java Bean

Public key infrastructure (PKI) plays a fundamental role in securing the infrastructure of the Internet through the certification of public keys used in asymmetric encryption. It is an industry standard used by both public and private entities that costs a lot of resources to maintain and secure. On the other hand, identity-based cryptography removes the need for certificates, which in turn lowers the cost. In this work, we present a practical implementation of a hybrid PKI that can issue new identity-based cryptographic keys for authentication purposes while bootstrapping trust with existing certificate authorities. We provide a set of utilities to generate and use such keys within the context of an identity-based environment as well as an external environment (i.e., without root trust to the private key generator). Key revocation is solved through our custom naming design which currently supports a few scenarios (e.g., expire by date, expire by year and valid for year). Our implementation offers a high degree of interoperability by incorporating X.509 standards into identity-based cryptography (IBC) compared to existing works on hybrid PKI–IBC systems. The utilities provided are minimalist and can be integrated with existing tools such as the Enterprise Java Bean Certified Authority (EJBCA).

scholarly journals Identity Based Encryption and Identity Based Signature Scheme: A Research on Security Schemes

2019 ◽  
Vol 8 (6S4) ◽  
pp. 1330-1337
Keyword(s):  
Key Management ◽  
Public Key Cryptography ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Signature Scheme ◽  
Certificate Authority ◽  
Identity Based Encryption ◽  
Computer Based ◽  
Identity Based ◽  
To Receive

In computer based system, key for the problem of identification, authentication and secrecy can be found in the field of cryptography. Dependence on public key infrastructure and to receive certificates signed by Certificate Authority (CA) to authenticate oneself for exchange of encrypted messages is one of the most significant limitation for the widespread adoption of Public Key Cryptography (PKC) as this process is time engrossing and error prone. Identity based cryptography (IBC) aspires to reduce the certificate and key management overhead of PKC. IBC’s important primordial is Identity-based Encryption (IBE). IBE provided emergent for perception of Identity based signature (IBS) schemes. In this paper, overview of IBE and IBS schemes has been given. Also, a survey on various IBE and IBS schemes has been performed to review different problems related to them. Finally, feasibility and applicability of IBC in current and future environments has been discussed.

scholarly journals Certificados digitales: de una arquitectura jerárquica y centralizada a una distribuida y descentralizada

2018 ◽  
Author(s):  
◽  
Ignacio Martín Gallardo Urbini
Keyword(s):  
Peer To Peer ◽  
Public Key Infrastructure ◽  
Public Key ◽  
La Red

El auge de la teleinformática en sus formas más conocidas: la informática y las telecomunicaciones, impusieron el tráfico y circulación veloz de documentos notariales, civiles, comerciales y de cualquier otra naturaleza, sumado a ello, el cambio de hábitos laborales que imponen el trabajo domiciliario en varios días de la semana. La evolución tecnológica de los últimos años en el campo electrónico y digital, ha transformado la industria, el comercio, el sector servicios y doméstico, dando existencia cada vez más a una demanda mayor de las transacciones ante la necesidad de interactuar por intermedio de redes de computadoras. El término “firma digital” nace de una oferta tecnológica para acercar la firma manuscrita (ológrafa) a lo que se llama el trabajo en redes o ciberespacio que garantiza los trámites hechos en Internet. Este concepto de firma digital fue introducido por Diffie y Hellman en 1976 básicamente como una aplicación tecnológica de la criptografía asimétrica planteada como un conjunto de datos asociados a un mensaje que permite asegurar la identidad del firmante y la integridad del mensaje. La criptografía de clave pública ha sido ampliamente reconocida como una tecnología fundamental sobre la cual pueden construirse varios servicios básicos de seguridad, dado así, en 1988 comenzando conjuntamente con el estándar x.500 se adopta por parte las industrias el estándar x.509 que consiste en la aplicación de los conceptos anteriores implementados con el nombre de infraestructura de clave pública (PKI, Public Key Infrastructure), donde la objeción principal encuentra asidero respaldatorio en entidades/empresas certificadoras privadas y/o organismos públicos licenciados y respaldados por la ley 25.506 y normas complementarias [73] que impiden el delito de falsificación de los certificados digitales. Así la misma, queda equiparada a la firma de puño y letra. Los principales esfuerzos de los últimos años se han concentrado en el problema de asignar de forma segura nombres a claves, de hecho, la comunidad científica ha ido progresivamente adoptando el uso de sistemas basados en la arquitectura de certificados digitales con el fin de proporcionar servicios de seguridad a los sistemas distribuidos, los cuales dependen de la existencia de un método centralizado y jerárquico para converger en la seguridad y fiabilidad en cuanto a gestión de claves públicas. Toda esta misma problemática se traspola a la gestión del comercio electrónico confiable y seguro, donde en el modelo inicial se requería de una tercera entidad (un banco) la cual debía emitir divisa electrónica a los diferentes usuarios. A principios del año 2009, Satoshi Nakamoto crea Bitcoin: una tecnología peer-to-peer para operar sin una autoridad central o bancos; la gestión de las transacciones y la emisión de moneda electrónica es llevada a cabo de forma colectiva por la red. Este modelo innovador combina varios conceptos desarrollados por las propuestas iniciales de la arquitectura de funcionamiento del dinero electrónico, para lograr un sistema completamente descentralizado. A diferencia de la mayoría de las monedas, el funcionamiento de Bitcoin no depende de una institución central, sino de una base de datos distribuida y sincronizada llamada blockchain donde las transacciones se identifican y ordenan secuencialmente e impidiendo su modificación. El software ideado por Nakamoto emplea la criptografía asimétrica para proveer funciones de seguridad básicas, tales como la garantía de que los bitcoins solo puedan ser gastados por su dueño, y nunca más de una vez. El objetivo de esta tesis es llevar a cabo y aplicar a la arquitectura de certificados digitales o infraestructura de clave pública lo que allá en el 2009 logró exitosamente Satoshi Nakamoto, un rediseño, reingeniería y cambio de paradigma en el comercio electrónico, de una arquitectura centralizada y jerárquica a una completamente descentralizada por medio de su innovación tecnológica llamada blockchain o cadena de bloques.

scholarly journals A Certificate-Based Provable Data Possession Scheme in the Standard Model

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Caixue Zhou
Keyword(s):  
Standard Model ◽  
High Efficiency ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Provable Data Possession ◽  
The Public ◽  
The Standard Model ◽  
Identity Based ◽  
The Cost ◽  
Very High

Certificate-based cryptosystem can not only resolve the private key escrow problem inherent in the identity-based cryptosystem but also reduce the cost of public key certificate management in the public key infrastructure-(PKI-) based cryptosystem. Provable data possession (PDP) can ensure the integrity of users’ data stored in the cloud at a very high probability. By combining these two concepts, we propose a certificate-based PDP scheme. We prove that our scheme is secure in the standard model assuming that the Squ-CDH problem is hard. Based on the index logic table, our scheme can be extended to support dynamic operations easily. Efficiency analysis shows that our scheme has high efficiency.

Sign in / Sign up

Export Citation Format

Share Document