期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种安全高效的入侵容忍CA方案 被引量:7

A Secure and High Efficient Intrusion Tolerance CA Scheme
下载PDF
导出
摘要 CA是PKI中的关键设施。CA的私钥一旦泄漏,该CA签发的所有证书就只能全部作废;因此,保护在线CA私钥的安全是非常重要的。将CA的私钥以门限密码技术分享在n个部件中,不仅保证了CA私钥的机密性和可用性,同时使CA具备了入侵容忍性。所提出的CA方案,私钥以Shamir的拉格朗日多项式方式分享,更适合实际需求,实验表明具有良好的性能。 CA(certificate authority) is a critical component in PKI. When the private key of a CA is compromised, all the certificates issued by that CA should be revoked. Keeping the private key secret while providing service online is very important for a CA. Distributing private key of CA into n components via threshold cryptography can not only make the private key of CA secret and usability, but also make CA can tolerate some intrusion. A CA scheme and its private key distribute with Shamir's Lagarange polynomial secret shares, suit needs more practically. At last, security, efficiency and usability of the CA scheme are analyzed security. Through analysis, the scheme has good performance.
作者 韩卫 白灵
机构地区 燕山大学信息科学与工程学院
出处 《科学技术与工程》 2005年第12期819-823,共5页 Science Technology and Engineering
基金 河北省教育厅自然科学项目(2004467)资助
关键词 入侵容忍 CA 秘密分享 门限签名 RSA intrusion tolerance CA secret sharing threshold digital signature RSA
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献11

  • 1[1]Wu T, Malkin M, Boneh D. Building intrusion tolerant applications.Proceedings of the USENIX Security Symposium, 1999:79-91
  • 2[2]Rivest R, Shamir A, Adleman L. A method for obtaining digital signatures and public-key cryptosystem. Communications of the ACM,1978;21(2):120-126
  • 3荆继武,冯登国.一种入侵容忍的CA方案[J].软件学报,2002,13(8):1417-1422. 被引量:65
  • 4张险峰,刘锦德.一种基于门限ECC的入侵容忍CA方案[J].计算机应用,2004,24(2):5-8. 被引量:21
  • 5[5]Shamir A. How to share a secret. Communications of the ACM,1979; 22(11):612-613
  • 6[6]Chor B, GoldWasser S, Micali S, Awerbuch B. Verifiable secret sharing and achieving simultaneity in the presence of faults.Proceedings of 26th IEEE Symposium on Foundations of Computer Science. 1985:251-260
  • 7[7]Pedersen T. Non-interactive and information-theoretic secure verifiable secret sharing. Advances in Cryptology-Crypto' 91. 1991:129-140
  • 8[8]Gennaro R. Theory and practice of verifiable secret sharing. USA:Massachusetts Institute of Technology(MIT), 1996
  • 9[9]Feldman P. A practical scheme for non-interactive verifiable secret sharing. Proceedings of 28th IEEE Symposium on Foundations of Computer Science. 1987:427-437
  • 10[10]Gennaro R, Rabin M, Babin T. Simplified VSS and fast-track multiparty computations with applications to threshold cryptography. Proceedings of 1998 ACM Symposium on Principles of Distributed Computing. Mexico: Puerto Vallarta, 1998:101-111

二级参考文献7

  • 1[1]Gemmell, P.S. An introduction to threshold cryptography. CryptoBytes, 1977,2(7):7~12.
  • 2[2]Wu, T., Malkin, M., Boneh, D. Building intrusion-tolerant applications. In: Proceedings of the USENIX Security Symposium. 1999. 79~91.
  • 3[3]Shoup, V. Practical threshold signatures. In: Proceedings of the Eurocrypt 2000. Bruges (Brugge): Springer-Verlag, 2000. 207~220.
  • 4[4]Frankel, Y., Gemmell, P., MacKenzie, P.D., et al. Optimal-Resilience proactive public-key cryptosystems. In: IEEE Symposium on Foundations of Computer Science. 1997. 384~393.
  • 5徐秋亮,李大兴.椭圆曲线密码体制[J].计算机研究与发展,1999,36(11):1281-1288. 被引量:66
  • 6张险峰,秦志光,刘锦德.椭圆曲线加密系统的性能分析[J].电子科技大学学报,2001,30(2):144-147. 被引量:36
  • 7荆继武,冯登国.一种入侵容忍的CA方案[J].软件学报,2002,13(8):1417-1422. 被引量:65

共引文献76

同被引文献22

引证文献7

二级引证文献1

科学技术与工程
2005年 第12期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部