Ecole d'ingénieur et centre de recherche en Sciences du numérique

Proof-carrying proxy certificates

Bagga, Walid;Crosta, Stefano;Molva, Refik

SCN 2006, 5th Conference on Security and Cryptography for Networks, September 6-8, 2006, Maiori, Italy / Also published as LNCS, Volume 4116/2006, ISBN: 978-3-540-38080-1

The term proxy certificate is used to describe a certificate that is issued by an end user for the purpose of delegating responsibility to another user so that the latter can perform certain actions on behalf of the former. Such certificates have been suggested for use in a number of applications, particularly in distributed computing environments where delegation of rights is common. In this paper, we present a new concept called proof-carrying proxy certificates. Our approach allows to combine the verification of the validity of the proxy certificate and the authorization decision making in an elegant way that enhances the privacy of the end user. In contrast with standard proxy certificates that are generated using standard (public-key) signature schemes, the proposed certificates are generated using a signature scheme for which the validity of a generated signature proves the compliance of the signer with a credential-based policy. We present a concrete realization of our approach using bilinear pairings over elliptic curves and we prove its security under adapted attack models.

Document Doi Bibtex

Titre:Proof-carrying proxy certificates
Mots Clés:Proxy Certificates;Credentials;Authorization; Bilinear Pairings;DataMinimization
Type:Conférence
Langue:English
Ville:Maiori
Pays:ITALIE
Date:
Département:Sécurité numérique
Eurecom ref:1959
Copyright: © Springer. Personal use of this material is permitted. The definitive version of this paper was published in SCN 2006, 5th Conference on Security and Cryptography for Networks, September 6-8, 2006, Maiori, Italy / Also published as LNCS, Volume 4116/2006, ISBN: 978-3-540-38080-1 and is available at : http://dx.doi.org/10.1007/11832072
Bibtex: @inproceedings{EURECOM+1959, doi = {http://dx.doi.org/10.1007/11832072}, year = {2006}, title = {{P}roof-carrying proxy certificates}, author = {{B}agga, {W}alid and {C}rosta, {S}tefano and {M}olva, {R}efik}, booktitle = {{SCN} 2006, 5th {C}onference on {S}ecurity and {C}ryptography for {N}etworks, {S}eptember 6-8, 2006, {M}aiori, {I}taly / {A}lso published as {LNCS}, {V}olume 4116/2006, {ISBN}: 978-3-540-38080-1}, address = {{M}aiori, {ITALIE}}, month = {09}, url = {http://www.eurecom.fr/publication/1959} }
Voir aussi: