基于二次剩余问题的证书撤销方案

证书撤销状态发布是PKI一个最为关键的环节.评价一个证书撤销状态发布方案的指标主要包含证书状态发布通信量、发布的实时性、访问平稳性、目录服务器安全要求、状态验证计算复杂度等五个方面.在对目前已有证书状态发布方案分析的基础上,本文提出基于二次剩余难解问题的证书撤销状态发布方案.该方案在状态发布的实时性、发布数据通信量、访问发生平稳性、对目录服务器的安全要求等方面都有十分理想的效果,其计算复杂度也小于OCSP、CRT和CRL.     

CRL与OCSP相结合的证书撤销方案

提出了一个基于CRL和OCSP策略的新的证书撤销方案。首先分析比较了CRL和OCSP协议的优缺点,然后结合两者的优点通过建立一个请求处理服务器提出了一个新的证书撤销方案,最后对改进方案的优劣做了分析总结。     

SCM: Secure and accountable TLS certificate management

In classical public‐key infrastructure (PKI), the certificate authorities (CAs) are fully trusted, and the security of the PKI relies on the trustworthiness of the CAs. However, recent failures and compromises of CAs showed that if a CA is corrupted, fake certificates may be issued, and the security of clients will be at risk. As emerging solutions, blockchain‐ and log‐based PKI proposals potentially solved the shortcomings of the PKI, in particular, eliminating the weakest link security and providing a rapid remedy to CAs' problems. Nevertheless, log‐based PKIs are still exposed to split‐world attacks if the attacker is capable of presenting two distinct signed versions of the log to the targeted victim(s), while the blockchain‐based PKIs have scaling and high‐cost issues to be overcome. To address these problems, this paper presents a secure and accountable transport layer security (TLS) certificate management (SCM), which is a next‐generation PKI framework. It combines the two emerging architectures, introducing novel mechanisms, and makes CAs and log servers accountable to domain owners. In SCM, CA‐signed domain certificates are stored in log servers, while the management of CAs and log servers is handed over to a group of domain owners, which is conducted on the blockchain platform. Different from existing blockchain‐based PKI proposals, SCM decreases the storage cost of blockchain from several hundreds of GB to only hundreds of megabytes. Finally, we analyze the security and performance of SCM and compare SCM with previous blockchain‐ and log‐based PKI schemes.     

Performance of PKI-based security mechanisms in mobile ad hoc networks

Security for ad hoc network environments has received a lot of attention as of today. Previous work has mainly been focussing on secure routing, fairness issues, and malicious node detection. However, the issue of introducing and conserving trust relationships has received considerably less attention. In this article, we present a scalable method for the use of public key certificates and their revocation in mobile ad hoc networks (MANETs). With the LKN-ad hoc security framework (LKN-ASF) a certificate management protocol has been introduced, bringing PKI technology to MANETs. In addition a performance analysis of two different revocation approaches for MANETs will be presented.     

Towards Certificate-Based Authentication for Future Mobile Communications

Certificate-based authentication of parties provides a powerful means for verifying claimed identities, since communicating partners do not have to exchange secrets in advance for authentication. This is especially valuable for roaming scenarios in future mobile communications where users authenticate to obtain network access—service access may potentially be based thereon in integrated approaches—and where the number of access network providers and Internet service providers is expected to increase considerably. When dealing with certificates, one must cope with the verification of complete certificate paths for security reasons. In mobile communications, additional constraints exist under which this verification work is performed. These constraints make verification more difficult when compared to non-mobile contexts. Mobile devices may have limited capacity for computation and mobile communication links may have limited bandwidth. In this paper, we propose to apply PKI servers—such as implemented at FhG-SIT—that allow the delegation of certificate path validation in order to speed up verification. Furthermore, we propose a special structure for PKI components and specific cooperation models that force certificate paths to be short, i.e., the lenghts of certificate paths are upper-bounded to certain small values depending on the conditions of specific cases. Additionally, we deal with the problem of users who do not have Internet access during the authentication phase. We explain how we solved this problem and show a gap in existing standards.     

可证安全的高效可托管公钥加密方案

可托管公钥加密方案中一个公钥对应于2个解密私钥,它可大大减少公钥基础设施PKI中公钥证书的数目,从而降低其公钥证书管理的负荷。同时对于用户端来说,它也能减小所需私钥存储空间,减轻用户的私钥管理负担。提出2个新的可托管公钥加密方案,其中第二个方案是文献中所有现存同类方案中最为高效的一个。它也是第一个可证安全的方案,其安全性基于标准的双线性Diffie-Hellman假设。     

一种CA私钥安全管理方案

CA(certificate authority)是PKI中的重要组成部分,负责签发可以识别用户身份的数字证书.CA的私有密钥一旦泄露,它所签发的所有证书将全部作废.因此,保护CA私钥的安全性是整个PKI安全的核心.本文介绍的CA私钥安全管理方案主要基于门限密码技术.通过将不同的密钥份额分布在不同部件上、任何部件都无法重构私钥,来确保在密钥产生、分发及使用过程中,即使部分系统部件受到攻击或系统管理人员背叛,也不会泄漏CA的私钥,CA仍可以正常工作.     

利用双证书机制改进SSL/TLS协议

在PKI技术规范发展的过程中目前形成两种证书机制:单证书机制和双证书机制[1]。近年来,在欧洲等国家又掀起多证书协议的研究[2],但尚不成熟。单证书是目前广泛存在和应用的证书机制,但用证书的加密和签名在PKI中是两种应用,因为,在SSL协议的应用中都采用双证书机制。为此,论文重点讨论了双证书机制的实现与应用,以及它对SSL/TLS通信协议进行的安全性改进,如改进了TLS的访问控制、增加抵抗DoS攻击特性等相关研究。     

基于分层信任模型的PKI机构证书更新研究

在PKI系统中,机构证书的安全性在整个PKI系统中处于非常重要的地位。当机构证书到期、密钥泄漏时,应及时撤销机构证书并进行更新,避免机构证书的错误使用而影响整个PKI系统的安全性。文中根据现有PKI规范及现状,分析了基于分层认证模型的机构证书更新机制,并对机构证书更新提出了一种新的实现方案。     

X.509 V3证书格式及语义

随着电子商务的广泛应用,公开密钥基础设施（PKI）建设和公开密钥密码学成为研究的热点,描述了公钥证书系统中,X.509V3版证书的结构及其语义,特别是对证书的扩展域的各个字段作了重点的分析,最后还对其它分钥证书结构作了简单的介绍。     

A localized certificate revocation scheme for mobile ad hoc networks

The issue of certificate revocation in mobile ad hoc networks (MANETs) where there are no on-line access to trusted authorities, is a challenging problem. In wired network environments, when certificates are to be revoked, certificate authorities (CAs) add the information regarding the certificates in question to certificate revocation lists (CRLs) and post the CRLs on accessible repositories or distribute them to relevant entities. In purely ad hoc networks, there are typically no access to centralized repositories or trusted authorities; therefore the conventional method of certificate revocation is not applicable.In this paper, we present a decentralized certificate revocation scheme that allows the nodes within a MANET to revoke the certificates of malicious entities. The scheme is fully contained and it does not rely on inputs from centralized or external entities.     

PKI签发机制相关标准一致性验证研究

分析了PKI签发机制相关标准存在的一致性问题,设计和实现了基于信息安全关键标准验证平台的仿真程序模块,并对证书格式、证书编码和证书更新时的有效性开展了标准一致性仿真验证。     

PKI-X.509公钥证书及其CA的研究进展

CA及公钥证书是目前Internet上各类安全应用系统的主要密钥管理方式。本文首先描述了用于在Internet分布式网络环境下管理公钥的PKIX.509证书管理模型及其研究进展,全面分析了构造PKI的主要协议,X.500目录协议和X.509基于证书的认证协议,并对证书存取协议及其最新发展进行了描述。     

一种高效和可扩展的OCSP系统

证书状态查询是PKI中的一个关键问题,OCSP是解决这个问题的一种重要机制。本文分析了OCSP协议的技术细节,并在此基础上设计了一种高效的、可扩展的OCSP系统。文中对该系统的关键技术和其自身的安全性问题进行了详细的论述。最后,给出了关于OCSP机制的一些未决问题以及某些思考。     

基于证书的移动通信认证模型

本文针对GSM移动通信系统的安全缺陷,提出了一种基于证书的安全认证模型,并设计了基于证书的移动通信安全协议.该模型将IP网络的CA认证技术引入到无线网络,并对经典PKI进行了改进,将身份认证和访问授权进行了区分,实现了密钥和持有人的1:n关系,并支持匿名访问.通过实验证明了证书模型解决移动通信安全性的可行性.     

一种基于证书属性的根证书更新方法研究

PKI的根CA证书的有效性和完整性是整个系统的基石,为了保证其有效性和完整性,根CA证书必须与其他证书一样,定期进行更新。根CA证书的有效期一般为10至15年,今后的2至3年时间将是根CA证书更新的第一个高峰。论文提出一种高效的证书更新的实现方法,基于X509v3证书扩展属性及LDAPv3目录服务器实现根证书的更新及验证,解决了现行方法中依靠系统更新以及用户误信假根证书的问题。     

一种基于属性证书和角色的访问控制模型

基于角色的访问控制是安全系统中保护资源的有效手段之一.基于对面向对象RBAC模型的分析,引入PMI属性证书,提出一种面向对象的访问控制模型AC-ORBAC,给出形式化描述,该模型通过属性证书实现角色授权访问控制,使访问控制的管理更为灵活,对职责分离进行了讨论.同时结合PKI实现了一种面向对象的基于角色和属性证书的访问控制方法.     

一种基于文件共享的P2P节点认证方案

身份认证是P2P（peertopeer）网络安全的重要组成部分,但传统的PKI（金钥基础设施）认证方式因为具有静态的集中化控制和固定的证书内容等特点,不能很好地满足P2P网络安全认证的需要,且在公钥的分发过程中容易遭受中间人攻击。为此,提出了一种新型的公钥管理架构和身份认证方案,每个节点可以自己产生并分发公私钥,认证服务器仅在节点加入网络时参与完成公钥的分发。超级节点负责管理本组内全部节点的公钥,节点在相互认证时无需认证服务器的参与,仅通过超级节点来完成。分析结果表明,这种认证方案可以有效地抵抗中间人攻击,在保持高效率的基础上又保证了认证的安全性。     

Certificate revocation and certificate update

We present a solution for the problem of certificate revocation. This solution represents certificate revocation lists by authenticated dictionaries that support: (1) efficient verification whether a certificate is in the list or not and (2) efficient updates (adding/removing certificates from the list). The suggested solution gains in scalability, communication costs, robustness to parameter changes, and update rate. Comparisons to the following solutions (and variants) are included: “traditional” certificate revocation lists (CRLs), Micali's (see Tech. Memo MIT/LCS/TM-542b, 1996) certificate revocation system (CRS), and Kocher's (see Financial Cryptography-FC'98 Lecture Notes in Computer Science. Berlin: Springer-Verlag, 1998, vol.1465, p.172-7) certificate revocation trees (CRT). We also consider a scenario in which certificates are not revoked, but frequently issued for short-term periods. Based on the authenticated dictionary scheme, a certificate update scheme is presented in which all certificates are updated by a common message. The suggested solutions for certificate revocation and certificate update problems are better than current solutions with respect to communication costs, update rate, and robustness to changes in parameters, and are compatible, e.g., with X.500 certificates     

Interoperability among healthcare organizations acting as certification authorities

One of the main problems in public key infrastructures (PKI) is currently the lack of interoperability at international level, which is greatly dependent on the automation of the cross-certification procedure using certificate policies (CP). This paper addresses the aforementioned need by presenting a method for the automated development and comparison of CPs, with main emphasis on healthcare environments. The basic elements of this method include standardization of the CP content for healthcare, a prototype decision-making algorithm for CPs comparison, representation of CPs in extensible markup language, as well as a JAVA-based CP comparison tool. The final aim of the paper is to contribute toward the technical implementation of an on-line automated cross-certification service, yielding PKI interoperability and promoting information exchange between healthcare establishments.