Classifying public key certificates

Authors:
Javier Lopez;Rolf Oppliger;Günther Pernul
Affiliations:
Computer Science Dept., University of Malaga, Malaga, Spain;eSECURITY Technologies, Gümligen, Switzerland;University of Regensburg, Germany
Venue:
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
Year:
2005

Citing 10
Cited 1

Why cryptosystems fail

Communications of the ACM
Security Technologies for the World Wide Web

Security Technologies for the World Wide Web
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Differential Fault Analysis of Secret Key Cryptosystems

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Low Cost Attacks on Tamper Resistant Devices

Proceedings of the 5th International Workshop on Security Protocols
Contemporary Cryptography (Artech House Computer Security Library)

Contemporary Cryptography (Artech House Computer Security Library)
Tamper resistance: a cautionary note

WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Email-Based Identification and Authentication: An Alternative to PKI?

IEEE Security and Privacy
On the importance of checking cryptographic protocols for faults

EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques

Use of a validation authority to provide risk management for the PKI relying party

EuroPKI 2006 Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice

Quantified Score

Hi-index	0.00

Visualization

Abstract

In spite of the fact that there are several companies that (try to) sell public key certificates, there is still no unified or standardized classification scheme that can be used to compare and put into perspective the various offerings. In this paper, we try to start filling this gap and propose a four-dimensional scheme that can be used to uniformly describe and classify public key certificates. The scheme distinguishes between (i) who owns a certificate, (ii) how the certificate owner is registered, (iii) on what medium the certificate (or the private key, respectively) is stored, and (iv) what type of functionality the certificate is intended to be used for. We think that using these or similar criteria to define and come up with unified or even standardized classes of public key certificate is useful and urgently needed in practice.