TY - GEN
T1 - Authenticated public key distribution scheme without trusted third party
AU - Koo, Jae Hyung
AU - Kim, Bum Han
AU - Lee, Dong Hoon
PY - 2005
Y1 - 2005
N2 - Public key authentication is necessary to prevent a valid public key of a user from being compromised by a malicious user. Namely, if it is not provided, an adversary can read all encrypted messages between a sender and a receiver by substituting the public key of the receiver with her public key. In general, a certificate issued from and digitally signed by a publicly trusted certificate authority (CA) guarantees public key authentication under the assumption that all users can get the public key of the CA to verify the validity of certificates, i.e., the signatures of the CA. The assumption is practical and widely used in the real world. However, if the CA is down by a system faults or destroyed by a terror or a war, the assumption can not be preserved. In this paper, we propose a simple and practical scheme for public key authentication without any trusted third party. The scheme basically uses a message authentication code (MAC) taking a short random value as a key to authenticate the exchanged public keys. Our scheme also can be adopted in the environments such as ad-hoc or ubiquitous in which it is hard to settle a publicly trusted authority.
AB - Public key authentication is necessary to prevent a valid public key of a user from being compromised by a malicious user. Namely, if it is not provided, an adversary can read all encrypted messages between a sender and a receiver by substituting the public key of the receiver with her public key. In general, a certificate issued from and digitally signed by a publicly trusted certificate authority (CA) guarantees public key authentication under the assumption that all users can get the public key of the CA to verify the validity of certificates, i.e., the signatures of the CA. The assumption is practical and widely used in the real world. However, if the CA is down by a system faults or destroyed by a terror or a war, the assumption can not be preserved. In this paper, we propose a simple and practical scheme for public key authentication without any trusted third party. The scheme basically uses a message authentication code (MAC) taking a short random value as a key to authenticate the exchanged public keys. Our scheme also can be adopted in the environments such as ad-hoc or ubiquitous in which it is hard to settle a publicly trusted authority.
KW - Key Management and Authentication
KW - Public Key Infrastructure (PKI)
KW - Public-key Cryptography
UR - http://www.scopus.com/inward/record.url?scp=33744899081&partnerID=8YFLogxK
U2 - 10.1007/11596042_95
DO - 10.1007/11596042_95
M3 - Conference contribution
AN - SCOPUS:33744899081
SN - 3540308032
SN - 9783540308034
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 926
EP - 935
BT - Embedded and Ubiquitous Computing - EUC 2005 Workshops
T2 - EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES
Y2 - 6 December 2005 through 9 December 2005
ER -