Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Evaluating certificate status information mechanisms
Proceedings of the 7th ACM conference on Computer and communications security
Self-Escrowed Public-Key Infrastructures
ICISC '99 Proceedings of the Second International Conference on Information Security and Cryptology
Identity-Based Encryption from the Weil Pairing
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Toward Hierarchical Identity-Based Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Hierarchical ID-Based Cryptography
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Revocation: Options and Challenges
FC '98 Proceedings of the Second International Conference on Financial Cryptography
An Identity Based Encryption Scheme Based on Quadratic Residues
Proceedings of the 8th IMA International Conference on Cryptography and Coding
Efficient revocation and threshold pairing based cryptosystems
Proceedings of the twenty-second annual symposium on Principles of distributed computing
A method for fast revocation of public key certificates and security capabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Efficient and secure self-escrowed public-key infrastructures
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Certificate revocation and certificate update
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Distributing the Key Distribution Centre in Sakai---Kasahara Based Systems
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Certificate-based encryption and the certificate revocation problem
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Simple identity-based cryptography with mediated RSA
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
A certificate-based proxy cryptosystem with revocable proxy decryption power
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Distributed private-key generators for identity-based cryptography
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
| Hi-index | 0.00 |
Public key infrastructures (PKIs) are proposed to provide various security services. Some security services such as confidentiality, require key escrow in certain scenarios; while some others such as non-repudiation, prohibit key escrow. Moreover, these two conflicting requirements can coexist for one user. The common solution in which each user has two certificates and an escrow authority backups all escrowed private keys for users, faces the problems of efficiency and scalability. In this paper, a novel key management infrastructure called RIKE is proposed to integrate the inherent key escrow of identity-based encryption (IBE) into PKIs. In RIKE, a user's PKI certificate also serves as a revocable identity to derive the user's IBE public key, and the revocation of its IBE key pair is achieved by the certificate revocation of PKIs. Therefore, the certificate binds the user with two key pairs, one of which is escrowed and the other is not. RIKE is an effective certificate-based solution and highly compatible with traditional PKIs.