DocumentCode
2755462
Title
StemCerts-2: Pairs of X.509 v3 Certificates for Greater Security, Flexibility and Convenience
Author
Chiola, Giovanni ; Gasti, Paolo
Author_Institution
DISI, Univ. of Genoa, Genoa
fYear
2009
fDate
10-13 Jan. 2009
Firstpage
1
Lastpage
7
Abstract
We introduce the notion of StemCerts, a digital certificate scheme that allows the user to modify some fields of a digital certificate while keeping it valid. The owner can modify a StemCert in a limited and controlled fashion without interacting with the certification authority which issued it. By modifying her identity, the user can achieve "pseudonymous anonymity" - but the CA can still associate a certificate to its owner - and/or handle temporary or permanent address changes. Modifying the expiry date allows the user to transform her certificate into a set of "one time" certificates, thus alleviating the need for revocation lists. We developed two proof-of-concept implementations for this new scheme. The first one was based on Chameleon hash functions, while the second one was based on the use of two chained, standard X.509 v3 certificates. We also present experimental data collected from the prototype implementations that show how the second prototype can easily be adopted in real environments, possibly exploiting smartcard technology.
Keywords
cryptography; message authentication; Chameleon hash function; StemCerts; X.509 v3 certificate; digital certificate scheme; pseudonymous anonymity; Authentication; Certification; Costs; Electronic mail; Information security; Privacy; Prototypes; Public key; Smart cards; Software prototyping;
fLanguage
English
Publisher
ieee
Conference_Titel
Consumer Communications and Networking Conference, 2009. CCNC 2009. 6th IEEE
Conference_Location
Las Vegas, NV
Print_ISBN
978-1-4244-2308-8
Electronic_ISBN
978-1-4244-2309-5
Type
conf
DOI
10.1109/CCNC.2009.4784988
Filename
4784988
Link To Document