Access Restriction

Author Jing, Jiwu ♦ Liu, Peng ♦ Feng, Dengguo ♦ Xiang, Ji ♦ Gao, Neng ♦ Lin, Jingqiang
Source CiteSeerX
Content type Text
File Format PDF
Language English
Subject Domain (in DDC) Computer science, information & general works ♦ Data processing & computer science
Subject Keyword ARECA System ♦ Online CA ♦ Highly Attack Resilient Certification Authority ♦ Multi-layer System Architecture ♦ Different Share ♦ Defense-in-depth Protection ♦ Outside Attack ♦ System Component ♦ Important Issue ♦ Multi-layer CA Protection Architecture ♦ Critical Component ♦ System Administrator ♦ Intrusion Tolerant CA ♦ Private Key ♦ Outsider Attack ♦ Phase Signature Composition Scheme ♦ Several Threshold-cryptography-based Method ♦ Certification Authority ♦ Threshold Cryptography
Description Certification Authorities (CAs) are a critical component of a PKI. All the certificates issued by a CA will become invalid when the (signing) private key of the CA is compromised. Hence it is a very important issue to protect the private key of an online CA. ARECA systems, built on top of threshold cryptography, ensure the security of a CA through a series of defense-in-depth protections. ARECA systems won’t be compromised when a few system components are compromised or some system administrators betray their trust. The private key of a CA is protected by distributing different shares of the key to different (signing) components and by ensuring that any component of the CA is unable to reconstruct the private key. In addition, the multi-layer system architecture of ARECA makes it very difficult to attack from outside. Several threshold-cryptography-based methods are proposed in the literature to construct an intrusion tolerant CA, and the uniqueness of ARECA is that it engineers a novel two-phase signature composition scheme and a multi-layer CA protection architecture. As a result, ARECA is (a) practical, (b) highly resilient to both insider and outsider attacks that compromise one or more components, and (c) able to prevent a variety of outside attacks.
Proc. ACM First Workshop on Survivable and Self-Regenerative Systems
Educational Role Student ♦ Teacher
Age Range above 22 years
Educational Use Research
Education Level UG and PG ♦ Career/Technical Study
Learning Resource Type Article
Publisher Date 2003-01-01