Secure and Privacy-Friendly Public Key Generation and Certification
2014 (English)In: 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, New York: IEEE Press, 2014, 114-121 p.Conference paper (Refereed)
Digital societies increasingly rely on secure communication between parties. Certificate enrollment protocols are used by certificate authorities to issue public key certificates to clients. Key agreement protocols, such as Diffie-Hellman, are used to compute secret keys, using public keys as input, for establishing secure communication channels. Whenever the keys are generated by clients, the bootstrap process requires either (a) an out-of-band verification for certification of keys when those are generated by the clients themselves, or (b) a trusted server to generate both the public and secret parameters. This paper presents a novel constrained key agreement protocol, built upon a constrained Diffie-Hellman, which is used to generate a secure public-private key pair, and to set up a certification environment without disclosing the private keys. In this way, the servers can guarantee that the generated key parameters are safe, and the clients do not disclose any secret information to the servers.
Place, publisher, year, edition, pages
New York: IEEE Press, 2014. 114-121 p.
Public Key Generation, Privacy, Security, Certification, Protocol
Computer Systems Computer Science
Research subject Computer Science
IdentifiersURN: urn:nbn:se:kau:diva-41929DOI: 10.1109/TrustCom.2014.19ISI: 000380562600015OAI: oai:DiVA.org:kau-41929DiVA: diva2:923580
13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 24-26 Sept. 2014, Beijing