Public Key Infrastructures, Services and Applications
7th European Workshop, EuroPKI 2010, Athens, Greece, September 23-24, 2010. Revised Selected Papers
Published on 15. September 2011
XII, 209 pages
978-3-642-22633-5 (ISBN)
Description
This book constitutes the thoroughly refereed post-conference proceedings of the 7th European Workshop on Public Key Infrastructures, Services and Applications, EuroPKI 2010, held in Athens, Greece, in September 2010. The 14 revised full papers presented together with an invited article were carefully reviewed and selected from 41 submissions. The papers are organized in topical sections on authentication mechanisms; privacy preserving techniques; PKI & PKC applications; electronic signature schemes; identity management.
More details
Other editions
Additional editions
Jan Camenisch | Costas Lambrinoudakis
Public Key Infrastructures, Services and Applications
7th European Workshop, EuroPKI 2010, Athens, Greece, September 23-24, 2010. Revised Selected Papers
Book
09/2011
1st Edition
Springer
€53.49
Shipment within 7-9 days
Content
- Title
- Preface
- Organization
- Table of Contents
- Session 1: Authentication Mechanisms
- PorKI: Portable PKI Credentials via Proxy Certificates
- Introduction
- Related Work
- Proxy Certificates
- System Design
- Smart Phone Application
- The Browser Extension
- Implementation Details
- iPhone and Proxy Certificates via LibPKI
- The PorKI Firefox Extension
- Enabling PorKI Authentication in Web Applications
- Conclusions and Future Work
- References
- A New Revocable Secret Handshake Scheme with Backward Unlinkability
- Introduction
- Preliminaries
- Bilinear Pairing
- Complexity Assumptions
- Definition and Security Properties
- A New Revocable Secret Handshake Scheme with Backward Unlinkability
- The RSH Scheme
- Security
- Performance
- Conclusion
- References
- SOMA: Self-Organised Mesh Authentication
- Introduction
- Motivation
- Our Contribution
- Related Work
- SOMA
- Overview
- Initialization and Bootstrapping
- Node Join and Stabilisation
- Certification
- Revocation
- Evaluation
- Security Analysis
- Critical Appraisal
- Conclusions
- References
- Session 2: Privacy Preserving Techniques
- A Privacy-Preserving Secure Service Discovery Protocol for Ubiquitous Computing Environments
- Introduction
- Related Work
- Secure Service Discovery
- Multiple Keywords Search on Encrypted Data
- BGN Encryption BGN05
- Membership Verification
- Assumption and Notation
- Polynomial Generation
- Polynomial Evaluation
- Performance Analysis
- Our Protocol
- Entity Registration Phase
- Authentication Phase
- Service Registration Phase
- Discovery Phase
- Service Access Phase
- Analysis of Our Protocol
- Performance Analysis
- Security Analysis
- Conclusion
- References
- Searchable Encryption for Outsourced Data Analytics
- Introduction
- Query Language and Setup
- Query Language
- Query Result Reusability
- Improvements over Previous Work
- Definitions
- Encryption Scheme
- Security
- Building Blocks
- Identity-Based Encryption
- Our SEODA Scheme
- Security
- Symmetric External Diffie Hellman Assumption
- Bilinear Decisional Diffie Hellman Assumption
- Protocol Security
- Ciphertext Indistinguishability
- Related Work
- Conclusion
- References
- Session 3: PKI and PKC Applications
- An Identity-Based Proxy Re-Encryption Scheme with Source Hiding Property, and its Application to a Mailing-List System
- Introduction
- Bilinear Groups and Complexity Assumption
- Definitions of IB-PRE
- System Operations of IB-PRE
- Security Requirements
- Previous IB-PRE Schemes
- Proposed IB-PRE Schemes
- Security Analysis
- A Mailing-List System Based on IB-PRE with Source Hiding Property
- Conclusion
- References
- E-Voting: A New Approach Using Double-Blind Identity-Based Encryption
- Introduction
- Desirable Properties
- Our Contribution
- Preliminaries
- Identity-Based Encryption
- Double-Blind Identity-Based Encryption
- Our Concrete DB-IBE Scheme
- Security
- Convertible, Designated Confirmer Signature Scheme Using DB-IBE
- Our E-Voting Scheme
- The Principals
- Hardware and Software
- Initialization and Vote Seeding
- The Voter Experience
- Timeline for an Election
- Post-Election Verification and Auditing
- Security Properties
- Conclusion
- References
- BBox: A Distributed Secure Log Architecture
- Introduction
- Terminology and Related Work
- BBox: Architeture and Logging Algorithms
- BBox Architecture Components
- BBox Initialization and Incoming Log Messages
- Appending Log Entries
- Authentication of Secure Log Files
- Retrieval of Log Views
- Security Analysis of the BBox
- Log Data in Transit
- Log Data at Rest
- BBox Prototype
- Summary
- References
- Session 4: Electronic Signature Schemes
- A Fair and Abuse-Free Contract Signing Protocol from Boneh-Boyen Signature
- Introduction
- Our Contribution
- Related Work
- Road Map
- Model and Definitions
- Security Notions
- Basic Tools
- Pairing Systems
- A Concurrent Zero-Knowledge Argument
- The New DBB and PDBB Signature Schemes
- The Partial Signature Scheme (PDBB)
- The Proposed Contract Signing Scheme
- Security Analysis
- Efficiency Considerations
- References
- Attribute Based Signatures for Bounded Multi- level Threshold Circuits
- Introduction
- Preliminaries
- Computational Diffie-Hellman Assumption
- Bilinear Pairing
- Lagrange Interpolation
- Scheme Outline
- Security Models
- Unforgeability
- Privacy
- Bounded Multi-level Threshold Circuit
- Scheme
- Setup
- Key Generation
- Signing
- Verification
- Security
- Unforgeability
- Privacy
- Removing Random Oracles
- Conclusion and Open Problems
- References
- Session 5: Identity Management
- User-Centric Identity Management Using Trusted Modules
- Introduction
- General Approach
- Related Work
- Assumptions, Roles and Requirements
- Roles
- Functional Requirements
- Security and Privacy Requirements
- Trust Assumptions
- Notation
- Protocols
- Card Issuance
- (re)Validation of the Card
- Authentication
- Access to (Personalized) Services
- Enrollment
- Deanonymization
- Evaluation
- Requirements Review
- Discussion
- Conclusion
- References
- Attaching Multiple Personal Identifiers in X.509 Digital Certificates
- Introduction
- Subject Identification Method
- Multiple Identifiers
- Proposed Method
- SIM Computation
- Identification from Service Providers
- Evaluation
- Conclusions
- References
- Session 6: PKI and PKC Applications
- Observations on Certification Authority Key Compromise
- Introduction
- PKI and CA Keys Security
- Protection Modes of the CA Keys
- X.509 Settings
- CA Key Compromise Levels
- Total Compromise (TC)
- Partial Compromise (PC)
- Countermeasures against Partial Compromise
- Countermeasure with Traditional Revocation Setting
- Using Other Revocation Settings
- Implementation Considerations
- Separation between the Revocation and Certification functions
- Delegation of the Revocation Function
- CRL Validity Interval
- Conclusion
- References
- An Infrastructure for Long-Term Archiving of Authenticated and Sensitive Electronic Documents
- Introduction
- Related Works
- Overview of Comprehensive Reference Architecture
- Discussion about Reference Architecture
- A New Approach of Reference Architecture
- Discussion and Evaluation of the Proposal
- Concluding Remarks and Future Works
- References
- Author Index
