Fine-grained control of security capabilities
- 1 February 2004
- journal article
- Published by Association for Computing Machinery (ACM) in ACM Transactions on Internet Technology
- Vol. 4 (1) , 60-82
- https://doi.org/10.1145/967030.967033
Abstract
We present a new approach for fine-grained control over users' security privileges (fast revocation of credentials) centered around the concept of an on-line semi-trusted mediator (SEM). The use of a SEM in conjunction with a simple threshold variant of the RSA cryptosystem (mediated RSA) offers a number of practical advantages over current revocation techniques. The benefits include simplified validation of digital signatures, efficient certificate revocation for legacy systems and fast revocation of signature and decryption capabilities. This paper discusses both the architecture and the implementation of our approach as well as its performance and compatibility with the existing infrastructure. Experimental results demonstrate its practical aspects.Keywords
This publication has 13 references indexed in Scilit:
- Simple Identity-Based Cryptography with Mediated RSAPublished by Springer Nature ,2003
- Identity-Based Encryption from the Weil PairingSIAM Journal on Computing, 2003
- Two-Party Generation of DSA SignaturesPublished by Springer Nature ,2001
- Efficient generation of shared RSA keysJournal of the ACM, 2001
- An Efficient threshold Public Key Cryptosystem Secure Against Adaptive Chosen Ciphertext Attack (Extended Abstract)Published by Springer Nature ,1999
- Fast digital identity revocationPublished by Springer Nature ,1998
- The Yaksha security systemCommunications of the ACM, 1996
- The Exact Security of Digital Signatures-How to Sign with RSA and RabinPublished by Springer Nature ,1996
- Efficient Digital Public-Key Signatures with ShadowPublished by Springer Nature ,1988
- Security without identification: transaction systems to make big brother obsoleteCommunications of the ACM, 1985