Authenticated public key distribution scheme without trusted third party

Jae Hyung Koo; Bum Han Kim; Dong Hoon Lee

doi:10.1007/11596042_95

Authenticated public key distribution scheme without trusted third party

Jae Hyung Koo, Bum Han Kim, Dong Hoon Lee

School of Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

4 Citations (Scopus)

Abstract

Public key authentication is necessary to prevent a valid public key of a user from being compromised by a malicious user. Namely, if it is not provided, an adversary can read all encrypted messages between a sender and a receiver by substituting the public key of the receiver with her public key. In general, a certificate issued from and digitally signed by a publicly trusted certificate authority (CA) guarantees public key authentication under the assumption that all users can get the public key of the CA to verify the validity of certificates, i.e., the signatures of the CA. The assumption is practical and widely used in the real world. However, if the CA is down by a system faults or destroyed by a terror or a war, the assumption can not be preserved. In this paper, we propose a simple and practical scheme for public key authentication without any trusted third party. The scheme basically uses a message authentication code (MAC) taking a short random value as a key to authenticate the exchanged public keys. Our scheme also can be adopted in the environments such as ad-hoc or ubiquitous in which it is hard to settle a publicly trusted authority.

Original language	English
Title of host publication	Embedded and Ubiquitous Computing - EUC 2005 Workshops
Subtitle of host publication	UISW, NCUS, SecUbiq, USN, and TAUES, Proceedings
Pages	926-935
Number of pages	10
DOIs	https://doi.org/10.1007/11596042_95
Publication status	Published - 2005
Event	EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES - Nagasaki, Japan Duration: 2005 Dec 6 → 2005 Dec 9

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	3823 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES
Country/Territory	Japan
City	Nagasaki
Period	05/12/6 → 05/12/9

Keywords

Key Management and Authentication
Public Key Infrastructure (PKI)
Public-key Cryptography

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/11596042_95

Cite this

Koo, J. H., Kim, B. H., & Lee, D. H. (2005). Authenticated public key distribution scheme without trusted third party. In Embedded and Ubiquitous Computing - EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, Proceedings (pp. 926-935). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3823 LNCS). https://doi.org/10.1007/11596042_95

Authenticated public key distribution scheme without trusted third party. / Koo, Jae Hyung; Kim, Bum Han; Lee, Dong Hoon.
Embedded and Ubiquitous Computing - EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, Proceedings. 2005. p. 926-935 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3823 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Koo, JH, Kim, BH & Lee, DH 2005, Authenticated public key distribution scheme without trusted third party. in Embedded and Ubiquitous Computing - EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 3823 LNCS, pp. 926-935, EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, Nagasaki, Japan, 05/12/6. https://doi.org/10.1007/11596042_95

Koo JH, Kim BH, Lee DH. Authenticated public key distribution scheme without trusted third party. In Embedded and Ubiquitous Computing - EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, Proceedings. 2005. p. 926-935. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/11596042_95

Koo, Jae Hyung ; Kim, Bum Han ; Lee, Dong Hoon. / Authenticated public key distribution scheme without trusted third party. Embedded and Ubiquitous Computing - EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, Proceedings. 2005. pp. 926-935 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{52f2acee5e6740f588fe5b7b3644127d,

title = "Authenticated public key distribution scheme without trusted third party",

abstract = "Public key authentication is necessary to prevent a valid public key of a user from being compromised by a malicious user. Namely, if it is not provided, an adversary can read all encrypted messages between a sender and a receiver by substituting the public key of the receiver with her public key. In general, a certificate issued from and digitally signed by a publicly trusted certificate authority (CA) guarantees public key authentication under the assumption that all users can get the public key of the CA to verify the validity of certificates, i.e., the signatures of the CA. The assumption is practical and widely used in the real world. However, if the CA is down by a system faults or destroyed by a terror or a war, the assumption can not be preserved. In this paper, we propose a simple and practical scheme for public key authentication without any trusted third party. The scheme basically uses a message authentication code (MAC) taking a short random value as a key to authenticate the exchanged public keys. Our scheme also can be adopted in the environments such as ad-hoc or ubiquitous in which it is hard to settle a publicly trusted authority.",

keywords = "Key Management and Authentication, Public Key Infrastructure (PKI), Public-key Cryptography",

author = "Koo, {Jae Hyung} and Kim, {Bum Han} and Lee, {Dong Hoon}",

year = "2005",

doi = "10.1007/11596042_95",

language = "English",

isbn = "3540308032",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "926--935",

booktitle = "Embedded and Ubiquitous Computing - EUC 2005 Workshops",

note = "EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES ; Conference date: 06-12-2005 Through 09-12-2005",

}

TY - GEN

T1 - Authenticated public key distribution scheme without trusted third party

AU - Koo, Jae Hyung

AU - Kim, Bum Han

AU - Lee, Dong Hoon

PY - 2005

Y1 - 2005

N2 - Public key authentication is necessary to prevent a valid public key of a user from being compromised by a malicious user. Namely, if it is not provided, an adversary can read all encrypted messages between a sender and a receiver by substituting the public key of the receiver with her public key. In general, a certificate issued from and digitally signed by a publicly trusted certificate authority (CA) guarantees public key authentication under the assumption that all users can get the public key of the CA to verify the validity of certificates, i.e., the signatures of the CA. The assumption is practical and widely used in the real world. However, if the CA is down by a system faults or destroyed by a terror or a war, the assumption can not be preserved. In this paper, we propose a simple and practical scheme for public key authentication without any trusted third party. The scheme basically uses a message authentication code (MAC) taking a short random value as a key to authenticate the exchanged public keys. Our scheme also can be adopted in the environments such as ad-hoc or ubiquitous in which it is hard to settle a publicly trusted authority.

AB - Public key authentication is necessary to prevent a valid public key of a user from being compromised by a malicious user. Namely, if it is not provided, an adversary can read all encrypted messages between a sender and a receiver by substituting the public key of the receiver with her public key. In general, a certificate issued from and digitally signed by a publicly trusted certificate authority (CA) guarantees public key authentication under the assumption that all users can get the public key of the CA to verify the validity of certificates, i.e., the signatures of the CA. The assumption is practical and widely used in the real world. However, if the CA is down by a system faults or destroyed by a terror or a war, the assumption can not be preserved. In this paper, we propose a simple and practical scheme for public key authentication without any trusted third party. The scheme basically uses a message authentication code (MAC) taking a short random value as a key to authenticate the exchanged public keys. Our scheme also can be adopted in the environments such as ad-hoc or ubiquitous in which it is hard to settle a publicly trusted authority.

KW - Key Management and Authentication

KW - Public Key Infrastructure (PKI)

KW - Public-key Cryptography

UR - http://www.scopus.com/inward/record.url?scp=33744899081&partnerID=8YFLogxK

U2 - 10.1007/11596042_95

DO - 10.1007/11596042_95

M3 - Conference contribution

AN - SCOPUS:33744899081

SN - 3540308032

SN - 9783540308034

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 926

EP - 935

BT - Embedded and Ubiquitous Computing - EUC 2005 Workshops

T2 - EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES

Y2 - 6 December 2005 through 9 December 2005

ER -

Authenticated public key distribution scheme without trusted third party

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this