Proof-carrying proxy certificates

Authors:
Walid Bagga;Stefano Crosta;Refik Molva
Affiliations:
Institut Eurécom, Corporate Communications, Sophia Antipolis, France;Institut Eurécom, Corporate Communications, Sophia Antipolis, France;Institut Eurécom, Corporate Communications, Sophia Antipolis, France
Venue:
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Year:
2006

Citing 11
Cited 1

How to prove yourself: practical solutions to identification and signature problems

Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks

SIAM Journal on Computing - Special issue on cryptography
Proof-carrying code

Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proof-carrying authentication

CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
(How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions

ACM Transactions on Internet Technology (TOIT)
Efficient Algorithms for Pairing-Based Cryptosystems

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Self-certified Signatures

INDOCRYPT '02 Proceedings of the Third International Conference on Cryptology: Progress in Cryptology
ID-Based Blind Signature and Ring Signature from Pairings

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Anonymous yet accountable access control

Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Access control using pairing based cryptography

CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Policy-based cryptography and applications

FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security

Policy-Controlled signatures

ICICS'09 Proceedings of the 11th international conference on Information and Communications Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The term proxy certificate is used to describe a certificate that is issued by an end user for the purpose of delegating responsibility to another user so that the latter can perform certain actions on behalf of the former. Such certificates have been suggested for use in a number of applications, particularly in distributed computing environments where delegation of rights is common. In this paper, we present a new concept called proof-carrying proxy certificates. Our approach allows to combine the verification of the validity of the proxy certificate and the authorization decision making in an elegant way that enhances the privacy of the end user. In contrast with standard proxy certificates that are generated using standard (public-key) signature schemes, the proposed certificates are generated using a signature scheme for which the validity of a generated signature proves the compliance of the signer with a credential-based policy. We present a concrete realization of our approach using bilinear pairings over elliptic curves and we prove its security under adapted attack models.