Verfügbarkeit: Rethinking public key infrastructures and digital certificates

Rethinking public key infrastructures and digital certificates: building in privacy

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Brands, Stefan A. (VerfasserIn)
Format:	Buch
Sprache:	English
Veröffentlicht:	Cambridge, Mass.[u.a.] MIT Press 2001
Ausgabe:	2. print.
Schlagworte:	Kryptologie Computersicherheit
Online-Zugang:	Inhaltsverzeichnis
Beschreibung:	XXI, 314 S.
ISBN:	0262024918

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV035877147
003	DE-604
005	00000000000000.0
007	t
008	091210s2001 \|\|\|\| 00\|\|\| eng d
020			\|a 0262024918 \|9 0-262-02491-8
035			\|a (OCoLC)635255491
035			\|a (DE-599)BVBBV035877147
040			\|a DE-604 \|b ger \|e rakwb
041	0		\|a eng
049			\|a DE-739
084			\|a ST 276 \|0 (DE-625)143642: \|2 rvk
084			\|a DAT 465f \|2 stub
100	1		\|a Brands, Stefan A. \|e Verfasser \|4 aut
245	1	0	\|a Rethinking public key infrastructures and digital certificates \|b building in privacy \|c Stefan A. Brands
250			\|a 2. print.
264		1	\|a Cambridge, Mass.[u.a.] \|b MIT Press \|c 2001
300			\|a XXI, 314 S.
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
650	0	7	\|a Kryptologie \|0 (DE-588)4033329-2 \|2 gnd \|9 rswk-swf
650	0	7	\|a Computersicherheit \|0 (DE-588)4274324-2 \|2 gnd \|9 rswk-swf
689	0	0	\|a Computersicherheit \|0 (DE-588)4274324-2 \|D s
689	0	1	\|a Kryptologie \|0 (DE-588)4033329-2 \|D s
689	0		\|5 DE-604
856	4	2	\|m Digitalisierung UB Passau \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=018734810&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
999			\|a oai:aleph.bib-bvb.de:BVB01-018734810

Datensatz im Suchindex

_version_	1804140854616522752
adam_text	Contents Foreword xi Preface xiii Summary xvii List of Figures xxiii 1 Introduction 1 1.1 Digital certificates and PKIs ..................... 1 1.1.1 From paper-based to digital certificates ........... 1 1.1.2 Identity certificates ...................... 3 1.1.3 Central database paradigm .................. 6 1.1.4 Attribute certificates ..................... 9 1.1.5 Certificate revocation and validation ............. 13 1.1.6 Smartcard integration ..................... 15 1.2 Privacy issues ............................. 20 1.2.1 Privacy dangers ........................ 20 1.2.2 Previous privacy-protection efforts and their shortcomings . 25 1.2.3 Desirable privacy properties ................. 30 1.3 Outlook ................................ 32 1.3.1 Basic building blocks ..................... 32 1.3.2 Additional privacy techniques ................ 34 1.3.3 Security techniques ...................... 35 1.3.4 Smartcard integration ..................... 37 1.3.5 Security and privacy guarantees ............... 39 1.3.6 Applicability ......................... 40 2 Cryptographic Preliminaries 41 2.1 Notation, terminology, and conventions ............... 41 2.1.1 Basic notation ........................ 41 2.1.2 Algorithms, security parameters, and probability ...... 42 2.1.3 Interactive algorithms and protocols . . ........... 44 2.1.4 Attack models ........................ 45 2.1.5 Security reductions and the random oracle model ...... 48 2.2 One-way functions .......................... 49 2.2.1 Definition ........................... 49 2.2.2 The DL function ....................... 51 2.2.3 The RSA function ...................... 56 2.3 Collision-intractable functions .................... 58 2.3.1 Definition ........................... 58 2.3.2 The DLREP function ..................... 59 2.3.3 The RSAREP function .................... 62 2.3.4 Comparison .......................... 65 2.4 Proofs of knowledge ......................... 66 2.4.1 Definition ........................... 66 2.4.2 Security for the prover .................... 67 2.4.3 Proving knowledge of a DL-representation ......... 71 2.4.4 Proving knowledge of an RSA-representation ........ 75 2.5 Digital signatures ........................... 77 2.5.1 Definition ........................... 77 2.5.2 From proofs of knowledge to digital signature schemes ... 79 2.5.3 Digital signatures based on the DLREP function ...... 81 2.5.4 Digital signatures based on the RSAREP function ...... 84 2.6 Digital certificates ........................... 86 2.6.1 Definition of public-key certificates ............. 86 2.6.2 Definition of secret-key certificates ............. 87 2.6.3 Comparison .......................... 89 2.7 Bibliographic notes .......................... 90 Showing Protocols with Selective Disclosure 91 3.1 Introduction .............................. 91 3.2 How to commit ............................ 92 3.3 Formulae with zero or more AND connectives ........... 93 3.3.1 Technique based on the DLREP function .......... 93 3.3.2 Technique based on the RSAREP function ......... 105 3.4 Formulae with one NOT connective ................ 108 3.4.1 Technique based on the DLREP function .......... 108 3.4.2 Technique based on the RSAREP function ......... 118 3.5 Atomic formulae connected by OR connectives .......... 119 3.5.1 Technique based on the DLREP function .......... 119 3.5.2 Technique based on the RSAREP function ......... 123 3.6 Demonstrating arbitrary Boolean formulae .............. 123 3.6.1 Technique based on the DLREP function .......... 123 3.6.2 Technique based on the RS AREP function ......... 126 3.7 Optimizations and extensions ..................... 128 3.8 Bibliographic notes .......................... 130 4 Restrictive Blind Issuing Protocols 131 4.1 Restrictive blinding .......................... 131 4.2 Practical constructions ........................ 134 4.2.1 Restrictive blinding based on the DLREP function ..... 135 4.2.2 Restrictive blinding based on the RSAREP function ..... 139 4.2.3 Comparison .......................... 140 4.3 Analysis ................................ 146 4.3.1 Completeness ......................... 146 4.3.2 Privacy for the receiver .................... 147 4.3.3 Security for the Certificate Authority .....:...... 149 4.3.4 Additional properties ..................... 160 4.4 Parallelization of protocol executions ................. 162 4.4.1 Masking the initial witness .................. 163 4.4.2 Swapping exponents in the verification relation ....... 166 4.5 Other certificate schemes ....................... 171 4.5.1 DSA-like certificates ..................... 171 4.5.2 Certificates based on Chaum-Pedersen signatures ...... 175 4.6 Bibliographic notes .......................... 178 5 Combining Issuing and Showing Protocols 181 5.1 Integration ............................... 181 5.1.1 Making the match ...................... 181 5.1.2 Coping with delegation .................... 185 5.2 Privacy improvements for certificate holders ............. 189 5.2.1 Issuing protocol techniques .................. 189 5.2.2 Showing protocol techniques ................. 191 5.3 Privacy improvements for certificate verifiers ............ 193 5.4 Limited-show certificates ....................... 197 5.4.1 Static one-show certificates .................. 197 5.4.2 Dynamic one-show certificates ................ 201 5.4.3 Increasing the threshold ................... 207 5.5 Security improvements ........................ 208 5.5.1 Benefits of encoding identifiers ............... 208 5.5.2 How to discourage lending .................. 211 5.5.3 Non-repudiation ....................... 212 5.5.4 How to discourage discarding ................ 213 5.5.5 Guarding the secret key of the Certificate Authority ..... 213 5.6 Bibliographie notes .......................... 216 6 Smartcard Integration 219 6.1 Shortcomings of the smartcard-only paradigm ............ 219 6.1.1 Privacy dangers ........................ 219 6.1.2 Other shortcomings ...................... 223 6.2 Combining smartcards and software-only devices .......... 224 6.2.1 Benefits ............................ 225 6.2.2 How not to cope with subliminal channels .......... 227 6.3 Secure smartcard integration ..................... 230 6.3.1 Technique based on the DLREP function .......... 230 6.3.2 Technique based on the RSAREP function ......... 236 6.4 Privacy protection ........................... 238 6.4.1 Inflow prevention ....................... 239 6.4.2 Outflow prevention ...................... 240 6.4.3 Prevention of other data leakage channels .......... 242 6.4.4 Restricting the level of privacy protection .......... 245 6.5 Other techniques ........................... 247 6.5.1 Implementation in low-cost smartcards ........... 248 6.5.2 Returning certificates ..................... 250 6.5.3 How to discourage remote lending .............. 251 6.5.4 Bearer certificates ....................... 252 6.5.5 Loose ends .......................... 253 6.6 Bibliographic notes .......................... 254 Epilogue: The Broader Perspective 257 References 273 Index 307 Curriculum Vitae 315
any_adam_object	1
author	Brands, Stefan A.
author_facet	Brands, Stefan A.
author_role	aut
author_sort	Brands, Stefan A.
author_variant	s a b sa sab
building	Verbundindex
bvnumber	BV035877147
classification_rvk	ST 276
classification_tum	DAT 465f
ctrlnum	(OCoLC)635255491 (DE-599)BVBBV035877147
discipline	Informatik
edition	2. print.
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01368nam a2200361 c 4500</leader><controlfield tag="001">BV035877147</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">00000000000000.0</controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">091210s2001 \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0262024918</subfield><subfield code="9">0-262-02491-8</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)635255491</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV035877147</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-739</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 276</subfield><subfield code="0">(DE-625)143642:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">DAT 465f</subfield><subfield code="2">stub</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Brands, Stefan A.</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Rethinking public key infrastructures and digital certificates</subfield><subfield code="b">building in privacy</subfield><subfield code="c">Stefan A. Brands</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">2. print.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Cambridge, Mass.[u.a.]</subfield><subfield code="b">MIT Press</subfield><subfield code="c">2001</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XXI, 314 S.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Kryptologie</subfield><subfield code="0">(DE-588)4033329-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Kryptologie</subfield><subfield code="0">(DE-588)4033329-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=018734810&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-018734810</subfield></datafield></record></collection>
id	DE-604.BV035877147
illustrated	Not Illustrated
indexdate	2024-07-09T22:06:36Z
institution	BVB
isbn	0262024918
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-018734810
oclc_num	635255491
open_access_boolean
owner	DE-739
owner_facet	DE-739
physical	XXI, 314 S.
publishDate	2001
publishDateSearch	2001
publishDateSort	2001
publisher	MIT Press
record_format	marc
spelling	Brands, Stefan A. Verfasser aut Rethinking public key infrastructures and digital certificates building in privacy Stefan A. Brands 2. print. Cambridge, Mass.[u.a.] MIT Press 2001 XXI, 314 S. txt rdacontent n rdamedia nc rdacarrier Kryptologie (DE-588)4033329-2 gnd rswk-swf Computersicherheit (DE-588)4274324-2 gnd rswk-swf Computersicherheit (DE-588)4274324-2 s Kryptologie (DE-588)4033329-2 s DE-604 Digitalisierung UB Passau application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=018734810&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis
spellingShingle	Brands, Stefan A. Rethinking public key infrastructures and digital certificates building in privacy Kryptologie (DE-588)4033329-2 gnd Computersicherheit (DE-588)4274324-2 gnd
subject_GND	(DE-588)4033329-2 (DE-588)4274324-2
title	Rethinking public key infrastructures and digital certificates building in privacy
title_auth	Rethinking public key infrastructures and digital certificates building in privacy
title_exact_search	Rethinking public key infrastructures and digital certificates building in privacy
title_full	Rethinking public key infrastructures and digital certificates building in privacy Stefan A. Brands
title_fullStr	Rethinking public key infrastructures and digital certificates building in privacy Stefan A. Brands
title_full_unstemmed	Rethinking public key infrastructures and digital certificates building in privacy Stefan A. Brands
title_short	Rethinking public key infrastructures and digital certificates
title_sort	rethinking public key infrastructures and digital certificates building in privacy
title_sub	building in privacy
topic	Kryptologie (DE-588)4033329-2 gnd Computersicherheit (DE-588)4274324-2 gnd
topic_facet	Kryptologie Computersicherheit
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=018734810&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT brandsstefana rethinkingpublickeyinfrastructuresanddigitalcertificatesbuildinginprivacy

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Inhaltsverzeichnis

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge