Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Communications of the ACM
Delegation of cryptographic servers for capture-resilient devices
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Efficient generation of shared RSA keys
Journal of the ACM (JACM)
Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
A Chosen Text Attack on the RSA Cryptosystem and Some Discrete Logarithm Schemes
CRYPTO '85 Advances in Cryptology
Efficient Digital Public-Key Signature with Shadow (Abstract)
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Fast Digital Identity Revocation (Extended Abstract)
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A Response to ''Can We Eliminate Certificate Revocation Lists?''
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
Networked Cryptographic Devices Resilient to Capture
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Certificate revocation and certificate update
IEEE Journal on Selected Areas in Communications
An approach to enhance inter-provider roaming through secret sharing and its application to WLANs
Proceedings of the 3rd ACM international workshop on Wireless mobile applications and services on WLAN hotspots
Support of subscribers' certificates in a hybrid WLAN-3G environment
Computer Networks: The International Journal of Computer and Telecommunications Networking
One-time proxy signatures revisited
Computer Standards & Interfaces
Addressing Credential Revocation in Grid Environments
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
24-hour knowledge factory: Using Internet technology to leverage spatial and temporal separations
ACM Transactions on Internet Technology (TOIT) - Special Issue on the Internet and Outsourcing
Security Mediated Certificateless Signatures
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Leak-free mediated group signatures
Journal of Computer Security
Mediated Ciphertext-Policy Attribute-Based Encryption and Its Application
Information Security Applications
A grid authentication system with revocation guarantees
HiPC'05 Proceedings of the 12th international conference on High Performance Computing
Fine grained control of security capability and forward security in a pairing based signature scheme
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Modified ID-Based threshold decryption and its application to mediated ID-Based encryption
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Efficient revocation of security capability in certificateless public key cryptography
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
Security-Mediated certificateless cryptography
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
| Hi-index | 0.00 |
We present a new approach for fine-grained control over users' security privileges (fast revocation of credentials) centered around the concept of an on-line semi-trusted mediator (SEM). The use of a SEM in conjunction with a simple threshold variant of the RSA cryptosystem (mediated RSA) offers a number of practical advantages over current revocation techniques. The benefits include simplified validation of digital signatures, efficient certificate revocation for legacy systems and fast revocation of signature and decryption capabilities. This paper discusses both the architecture and the implementation of our approach as well as its performance and compatibility with the existing infrastructure. Experimental results demonstrate its practical aspects.