Reasoning about public-key certification: On bindings between entities and public keys

IEEE Journal on Selected Areas in Communications

Volumn 18, Issue 4, 2000, Pages 551-559

  Kohlas, Reto ^a   Maurer, Ueli ^a  

^a ETH ZURICH   (Switzerland)

Author keywords

[No Author keywords available]

Indexed keywords

ELECTRONIC COMMERCE; SECURITY OF DATA;

PUBLIC-KEY CERTIFICATION; PUBLIC-KEY INFRASTRUCTURE (PKI);

CRYPTOGRAPHY;

EID: 0033749074     PISSN: 07338716     EISSN: None     Source Type: Journal    
DOI: 10.1109/49.839931     Document Type: Article

References (33)

1. I. I. S. 9594-8. Information Technology, Open Systems Interconnection, The Directory, Part 8: Authentication Framework, 1990.
2. M. Abadi, "On SDSI's linked local name spaces," in Proc. 10th IEEE Computer Security Foundations Workshop, 1997, pp. 98-108.
3. M. Abadi, M. Burrows, B. Lampson, and G. Plotkin, "A calculus for access control in distributed systems," ACM Trans. Programming Languages Syst., vol. 15, no. 4, pp. 706-734, Sept. 1993.
4. T. Beth, M. Borcherding, and B. Klein, "Valuation of trust in open systems," in Computer Security - Esorics'94, D. Gollmann, Ed. Berlin: Springer-Verlag, 1994, vol. 875, Lecture Notes in Computer Science, pp. 3-18.
5. M. Blaze, J. Feigenbaum, and J. Lacy, "Decentralized trust management," in Proc. Symp. Security Privacy, 1996, pp. 164-173.
6. M. Blaze, J. Feigenbaum, and M. Strauss, "Compliance checking in the policymaker trust management system," in Financial Cryptography, R. Hirschfeld, Ed. Berlin: Springer-Verlag, 1998, vol. 1465, Lecture Notes in Computer Science, pp. 254-274.
7. C. Boyd, "Security architectures using formal methods," IEEE J. Select. Areas Commun., vol. 11, pp. 694-701, 1993.
8. M. Burrows, M. Abadi, and R. Needham, "A logic of authentication," ACM Trans. Computer Syst., vol. 8, no. 1, pp. 18-36, 1990.
9. E. Campbell, R. Safavi-Naini, and P. Pleasants, "Partial belief and probabilistic reasoning in the analysis of secure protocols," in Proc. Computer Foundations Workshop V, 1992, pp. 84-91.
10. D. Chadwick and A. Young, "Merging and extending the PGP and PEM trust models," IEEE Network Mag., May 1997.
11. S. Consortium (1996) Basic services, architecture and design. SEMPER. Online. Available: http://www.semper.org/info/index.html
12. C. Ellison, "Establishing identity without certification authorities," in 6th USENIX Security Symp., San Jose, CA, July 22-25, 1996, pp. 67-76.
13. C. Ellison et al. (1998) Internet Draft. SPKI. OnlineExpires Sept. 16, 1998
14. B. Fox and B. LaMaccia, "Certificate revocation: Mechanisms and meaning," in Financial Cryptography, R. Hirschfeld, Ed. Berlin: Springer-Verlag, 1998, vol. 1465, Lecture Notes in Computer Science, pp. 158-164.
15. J. Glasgow, G. MacEwen, and P. Panagaden, "A logicc for reasoning about security," ACM Trans. Computer Syst., vol. 10, no. 3, pp. 226-264, 1992.
16. T. M. C. Group. (1998) MCG - Internet open group on certification and security. Online. Available: http://meg.org.br/
17. P. Kocher, "On certificate revocation and validation," in Financial Cryptography, R. Hirschfeld, Ed. Berlin: Springer-Verlag, 1998, vol. 1465, Lecture Notes in Computer Science, pp. 172-177.
18. B. Lampson, M. Abadi, M. Burrows, and E. Wobber, "Authentication in distributed systems: Theory and practice," ACM Trans. Computer Syst., vol. 10, no. 4, pp. 265-310, Nov. 1992.
19. I. Lehti and P. Nikander, "Cerifying trust," in Proc. 1st Int. Workshop Practice Theory Public Key Cryptography, PKC'98, H. Imai and Y. Theng, Eds., 1998, pp. 83-98.
20. U. Maurer, "Modeling a public-key infrastructure," in Proc. 1996 European Symp. Res. Computer Security (ESORICS'96), E. Bertino, H. Kurth, G. Martella, and E. Montolivo, Eds. Berlin: Springer, LNCS, 1996, Lecture Notes in Computer Science, pp. 325-350.
21. U. Maurer and P. Schmid, "A calculus for secure channel establishment in open networks," in Proc. 1994 European Symp. Res. Computer Security (ESORICS'94), D. Gollmann, Ed., 1994, vol. 875, Lecture Notes in Computer Science, pp. 175-192.
22. S. Micali, "Efficient certificate revocation,", Tech. Rep., Tech. Memo MIT/LCS/TM-542b, 1996.
23. M. Myers, "Revocation: Options and challenges," in Financial Cryptography, R. Hirschfeld, Ed. Berlin: Springer-Verlag, 1998, vol. 1465, Lecture Notes in Computer Science, pp. 165-172.
24. M. Naor and K. Nissim, "Certificate revocation and certificate update," in Proc. Usenix'98, Jan. 1998, pp. 217-228.
25. M. Reiter and S. Stubblebine, "Path independence for authentication in large-scale systems," in Proc. 4th ACM Conf. Computer Commun. Security, 1997, pp. 57-66.
26. R. Rivest, "Can we eliminate certificate revocation lists?," in Proc. Financial Cryptography 1998, R. Hirschfeld, Ed., pp. 178-183.
27. R. Rivest and B. Lampson. SDSI - A simple distributed security infrastructure, presented at CRYPTO'96 Rumpsession. Online. Available: http://theory.lcs.mit.edu∧∼cis/sdsi.html
28. W. Stallings, Protect Your Privacy. Englewood Cliffs, NJ: Prentice-Hall, 1996.
29. S. Stubblebine and R. Wright, "An authentication logic supporting synchronization, revocation, and recency," in Proc. SIGSAC: 3rd ACM Conf. Computer Commun. Security, 1996.
30. P. Syverson and C. Meadows, "A logical language for specifying cryptographic protocols requirements," in IEEE Conf. Research Security Privacy, 1993, pp. 165-180.
31. N. Wirth, "What can we do about the unnecessary diversity of notation for syntactic definitions?," Commun. ACM, vol. 20, no. 11, pp. 822-823, 1977.
32. R. Yaholem, B. Klein, and T. Beth, "Trust relationships in secure systems - A distributed authentication perspective," in Proc. IEEE Conf. Research Security Privacy, 1993, pp. 150-164.
33. P. R. Zimmermann, The Official PGP User's Guide. Cambridge, MA: MIT Press, 1995.