scholarly journals An Implementation Suite for a Hybrid Public Key Infrastructure

Symmetry ◽  
2021 ◽  
Vol 13 (8) ◽  
pp. 1535
Author(s):  
Jason Chia ◽  
Swee-Huay Heng ◽  
Ji-Jian Chin ◽  
Syh-Yuan Tan ◽  
Wei-Chuen Yau
Keyword(s):  
Public Key Infrastructure ◽  
Public Key ◽  
Practical Implementation ◽  
Public And Private ◽  
Industry Standard ◽  
Cryptographic Keys ◽  
Identity Based ◽  
Identity Based Cryptography ◽  
The Cost ◽  
Enterprise Java Bean

Public key infrastructure (PKI) plays a fundamental role in securing the infrastructure of the Internet through the certification of public keys used in asymmetric encryption. It is an industry standard used by both public and private entities that costs a lot of resources to maintain and secure. On the other hand, identity-based cryptography removes the need for certificates, which in turn lowers the cost. In this work, we present a practical implementation of a hybrid PKI that can issue new identity-based cryptographic keys for authentication purposes while bootstrapping trust with existing certificate authorities. We provide a set of utilities to generate and use such keys within the context of an identity-based environment as well as an external environment (i.e., without root trust to the private key generator). Key revocation is solved through our custom naming design which currently supports a few scenarios (e.g., expire by date, expire by year and valid for year). Our implementation offers a high degree of interoperability by incorporating X.509 standards into identity-based cryptography (IBC) compared to existing works on hybrid PKI–IBC systems. The utilities provided are minimalist and can be integrated with existing tools such as the Enterprise Java Bean Certified Authority (EJBCA).

scholarly journals A Certificate-Based Provable Data Possession Scheme in the Standard Model

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Caixue Zhou
Keyword(s):  
Standard Model ◽  
High Efficiency ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Provable Data Possession ◽  
The Public ◽  
The Standard Model ◽  
Identity Based ◽  
The Cost ◽  
Very High

Certificate-based cryptosystem can not only resolve the private key escrow problem inherent in the identity-based cryptosystem but also reduce the cost of public key certificate management in the public key infrastructure-(PKI-) based cryptosystem. Provable data possession (PDP) can ensure the integrity of users’ data stored in the cloud at a very high probability. By combining these two concepts, we propose a certificate-based PDP scheme. We prove that our scheme is secure in the standard model assuming that the Squ-CDH problem is hard. Based on the index logic table, our scheme can be extended to support dynamic operations easily. Efficiency analysis shows that our scheme has high efficiency.

Research on the Application of IBE in IEC61850 Substation Automation System

2011 ◽  
Vol 130-134 ◽  
pp. 2805-2808
Author(s):  
Shao Ping Yin
Keyword(s):  
Public Key Infrastructure ◽  
Public Key ◽  
Communication Security ◽  
Automation System ◽  
Paper Briefly ◽  
Iec 61850 ◽  
Smart Grid Communications ◽  
Identity Based ◽  
Substation Automation ◽  
Reasonable Choice

In order to reap the benefits promised by the Smart Grid, communications between the IEDs in IEC 61850 Substation Automation System (SAS) will need to be made much more secure.Traditional security solutions based on Public Key Infrastructure (PKI) are calculation intensive and introduces latency that will be difficult to meet substation environmental and electrical requirements, so they are not well suited for IEC 61850 SAS. Identity based encryption (IBE) schemes, introduced by Shamir in 1984 [5] are based on the idea to use participant’s unique identities as public key and public key directories are unnecessary. Thus, utilizing IBE in IEC 61850 SAS is a reasonable choice. This paper briefly introduces the features of IEC 61850 SAS communication security and IBE and then propose an IBE-based Self Private Key Generated (SPKG) encryption scheme to establish encryption system in IEC 61850 SAS. Advantages of this SPKG Scheme are also discussed in the paper.

scholarly journals Identity Based Encryption and Identity Based Signature Scheme: A Research on Security Schemes

2019 ◽  
Vol 8 (6S4) ◽  
pp. 1330-1337
Keyword(s):  
Key Management ◽  
Public Key Cryptography ◽  
Public Key Infrastructure ◽  
Public Key ◽  
Signature Scheme ◽  
Certificate Authority ◽  
Identity Based Encryption ◽  
Computer Based ◽  
Identity Based ◽  
To Receive

In computer based system, key for the problem of identification, authentication and secrecy can be found in the field of cryptography. Dependence on public key infrastructure and to receive certificates signed by Certificate Authority (CA) to authenticate oneself for exchange of encrypted messages is one of the most significant limitation for the widespread adoption of Public Key Cryptography (PKC) as this process is time engrossing and error prone. Identity based cryptography (IBC) aspires to reduce the certificate and key management overhead of PKC. IBC’s important primordial is Identity-based Encryption (IBE). IBE provided emergent for perception of Identity based signature (IBS) schemes. In this paper, overview of IBE and IBS schemes has been given. Also, a survey on various IBE and IBS schemes has been performed to review different problems related to them. Finally, feasibility and applicability of IBC in current and future environments has been discussed.

scholarly journals Post Quantum Cryptographic Keys Generated with Physical Unclonable Functions

2021 ◽  
Vol 11 (6) ◽  
pp. 2801
Author(s):  
Bertrand Cambou ◽  
Michael Gowanlock ◽  
Bahattin Yildiz ◽  
Dina Ghanaimiandoab ◽  
Kaitlyn Lee ◽  
...  
Keyword(s):  
High Performance ◽  
Public Key ◽  
Graphic Processing Units ◽  
Public And Private ◽  
Physical Unclonable Functions ◽  
The Public ◽  
Cryptographic Keys ◽  
Network Technologies ◽  
And Storage ◽  
Performance Computing

Lattice and code cryptography can replace existing schemes such as elliptic curve cryptography because of their resistance to quantum computers. In support of public key infrastructures, the distribution, validation and storage of the cryptographic keys is then more complex for handling longer keys. This paper describes practical ways to generate keys from physical unclonable functions, for both lattice and code-based cryptography. Handshakes between client devices containing the physical unclonable functions (PUFs) and a server are used to select sets of addressable positions in the PUFs, from which streams of bits called seeds are generated on demand. The public and private cryptographic key pairs are computed from these seeds together with additional streams of random numbers. The method allows the server to independently validate the public key generated by the PUF, and act as a certificate authority in the network. Technologies such as high performance computing, and graphic processing units can further enhance security by preventing attackers from making this independent validation when only equipped with less powerful computers.

Designing Grid Security Infrastructures Using Identity-Based Cryptography

2010 ◽  
pp. 817-837
Author(s):  
Hoon Wei Lim
Keyword(s):  
Key Management ◽  
Mutual Authentication ◽  
Public Key ◽  
Grid Security ◽  
Grid Systems ◽  
Single Sign On ◽  
Security Services ◽  
Identity Based ◽  
Identity Based Cryptography

Public key infrastructure (PKI) is presently deployed in most grid implementations. Existing PKI-based grid systems make extensive use of public key certificates, both long-term and short-term, in order to support various grid security services, such as single sign-on, mutual authentication and delegation. Orthogonally, the emergence of identity-based cryptography (IBC), which is certificate-free, makes possible more lightweight, simpler public key management techniques than that of conventional certificate-based PKI. In this chapter, the authors study how properties of IBC can be used to design alternative grid security infrastructures which support grid security services in a more clean and natural way.

Sign in / Sign up

Export Citation Format

Share Document