Abstract
In this paper, we present the implementation of an enhanced public key infrastructure (PKI) which supports not only conventional public key cryptography (PKC) but also identity-based cryptography (IBC). In addition, we discuss the possible way of placing together IBC and PKI as well as solving the problems of user secret key revocation of PKI and IBC. As a proof of concept, an IBC framework is incorporated into Enterprise Java Bean Certified Authority (EJBCA) and the performance is reported.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Notes
These three elliptic curves are having the similar security level corresponding to 1024, 2048 and 3072 in RSA and DSA.
References
ANSI X9.62-2005 (2005). Elliptic curve digital signature algorithm, ECDSA
Carlisle Adams SL (1999) Understanding the Public-key infrastructure: concepts, standards, and deployment considerations, 1st edn. Sams
Chen L, Harrison K, Moss A, Soldera D, Smart NP (2002) Certification of public keys within an identity based system. Information security, vol 2433. LNCS, pp 322–333
Chen Q, Li Z, Yu S (2007) A cross-authentication model for heterogeneous domains in active networks. IFIP Int Conf Netw Parallel Comput Workshops:140–143
Dalton CR (2003) The NHS as a proving ground for cryptosystems. Inf Sec Techn Report 8:73–88
Eslami Z, Kazemnasabhaji M, Mirehi N (2013) Proxy signatures and buyer-seller watermarking protocols for the protection of multimedia content. Multimedia tools and applications. doi:10.1007/s11042-013-1555-0
(2009). 186-3, FIPS PUB, Digital Signature Standard (DSS)
FlexiProvider. http://www.flexiprovider.de/
Galindo D, Garcia FD A schnorr-like lightweight identity-based signature scheme. In: Proceedings of AfricaCrypt ’09, LNCS, vol 5580. pp 135–148
Kiltz E, Neven G Identity-based signatures. In: Proceedings of the CISS ’08, vol 2. pp 31–44
Krishnamurthy S (2008) Understanding the successes of identity-based encryption. NIST identity-based encryption workshop
Lee B (2010) Unified public key infrastructure supporting both certificate-based ID-based cryptography. IEEE Int Conf Availability, Reliab Secur:54–61
Legion of the Bouncy Castle. https://www.bouncycastle.org/
Network Security Services (NSS). https://developer.mozilla.org/en/docs/NSS
Open Source Certificate Authority (OpenCA) Labs. http://www.openca.org/
Open Java Development Kit (OpenJDK). http://openjdk.java.net/
Open Source Secure Socket Layer (OpenSSL) Project. https://www.openssl.org/
Price G, Mitchell CJ (2005) Interoperation between a conventional PKI and an ID-based infrastructure. Public key infrastructure, vol 3545. LNCS, pp 73–85
Rong R, Li Z, Jiang Y (2007) An authentication model for multi-type domains in active networks. IEEE international workshop on anti-counterfeiting, security, identification
Al-Riyami SS, Paterson KG Certificateless public key cryptography. In: Proceedings of the Asiacrypt ’03, vol 2894. LNCS, pp 452–473
Shamir A Identity-based cryptosystems and signature schemes. In: Proceedings of the CRYPTO ’84, vol 196. LNCS, pp 47–53
Stoianov N, Urueña M, Niemiec M, Machnik P, Maestro G (2013) Integrated security infrastructures for law enforcement agencies. Multimedia tools and applications. doi:10.1007/s11042-013-1532-7
Voltage Security Press Release (2006). Total cost of ownership of Voltage IBE 3X lower than PKI in Ferris research study. http://157.238.212.45/pressreleases/PR060530.htm
X Certificate and Key Management (XCA). http://xca.sourceforge.net/
Yi X, Zheng G, Li M, Ma H, Zheng C (2013) Efficient authentication of scalable media streams over wireless networks. Multimedia tools and applications. doi:10.1007/s11042-012-1324-5
Acknowledgments
This research is partially supported by FRGS Grant (FRGS/1/2012/TK06/MMU/03/9) and TM R&D Grant (RDTC/130827).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Tan, SY., Yau, WC. & Lim, BH. An implementation of enhanced public key infrastructure. Multimed Tools Appl 74, 6481–6495 (2015). https://doi.org/10.1007/s11042-014-2119-7
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-014-2119-7