
Keyword Search Result

[Keyword] Public Key Infrastructure(10hit)

  • Design of Enclosing Signing Keys by All Issuers in Distributed Public Key Certificate-Issuing Infrastructure

    Shohei KAKEI  Hiroaki SEKO  Yoshiaki SHIRAISHI  Shoichi SAITO  

     
    LETTER

    Publicized: 2023/05/25  Vol: E106-D No:9  Page(s): 1495-1498

    This paper first takes IoT as an example to provide the motivation for eliminating the single point of trust (SPOT) in a CA-based private PKI. It then describes a distributed public key certificate-issuing infrastructure that eliminates the SPOT and its limitation derived from generating signing keys. Finally, it proposes a method to address its limitation by all certificate issuers.

  • Delivering CRL with Low Bit Rate Network Coded Communication for ITS

    Yoshiaki SHIRAISHI  Masanori HIROTOMO  Masami MOHRI  Taisuke YAMAMOTO  

     
    PAPER

    Publicized: 2017/07/21  Vol: E100-D No:10  Page(s): 2440-2448

    Intelligent Transport Systems (ITS) applications transmit data using road-to-vehicle communication (RVC) and inter-vehicle communication (IVC). Digital signatures are essential to provide security for RVC and IVC. A public key certificate is used to verify that a public key belongs to an individual prover such as a user or terminal. A certificate revocation list (CRL) is used for verifying the validity of a public key certificate. A certificate authority (CA) publishes a CRL and distributes it to vehicles. CRL distribution traffic disturbs ITS application traffic because they share a wireless channel. Distributing the CRL at a low bit rate helps to ease the disturbance. Although multiplex transmission is effective for reliable communication, duplicate received packets are consequently a waste of bandwidth. This paper proposes a CRL distribution scheme based on random network coding which can reduce duplicate packets. The simulation results show that the number of duplicate packets in the proposed scheme is less than that of a simple error correction (EC)-based scheme and that the proposed scheme can distribute the CRL to more vehicles than EC-based ones.

  • Average-Case Analysis of Certificate Revocation in Combinatorial Certificate Management Schemes

    Dae Hyun YUM  

     
    LETTER-Cryptography and Information Security

    Vol: E99-A No:2  Page(s): 663-665

    To overcome the privacy limitations of conventional PKI (Public Key Infrastructure) systems, combinatorial certificate schemes assign each certificate to multiple users so that users can perform anonymous authentication. From a certificate pool of N certificates, each user is given n certificates. If a misbehaving user revokes a certificate, all the other users who share the revoked certificate will also not be able to use it. When an honest user shares a certificate with a misbehaving user and the certificate is revoked by the misbehaving user, the certificate of the honest user is said to be covered. To date, only the analysis for the worst scenario has been conducted; the probability that all n certificates of an honest user are covered when m misbehaving users revoke their certificates is known. The subject of this article is the following question: how many certificates (among n certificates) of an honest user are covered on average when m misbehaving users revoke their certificates? We present the first average-case analysis of the cover probability in combinatorial certificate schemes.

  • On the Probability of Certificate Revocation in Combinatorial Certificate Management Schemes

    Dae Hyun YUM  

     
    LETTER-Information Network

    Publicized: 2015/02/18  Vol: E98-D No:5  Page(s): 1104-1107

    To enhance the privacy of vehicle owners, combinatorial certificate management schemes assign each certificate to a large enough group of vehicles so that it will be difficult to link a certificate to any particular vehicle. When an innocent vehicle shares a certificate with a misbehaving vehicle and the certificate on the misbehaving vehicle has been revoked, the certificate on the innocent vehicle also becomes invalid and is said to be covered. When a group of misbehaving vehicles collectively share all the certificates assigned to an innocent vehicle and these certificates are revoked, the innocent vehicle is said to be covered. We point out that the previous analysis of the vehicle cover probability is not correct and then provide a new and exact analysis of the vehicle cover probability.

  • A Trust Distributed DRM System Using Smart Cards

    Ming-Kung SUN  Michael CHANG  Hsiao-Ching LIN  Chi-Sung LAIH  Hui-Tang LIN  

     
    PAPER-Data Engineering, Web Information Systems

    Vol: E95-D No:12  Page(s): 2991-3000

    Digital Rights Management (DRM) ensures that the usage of digital media adheres to the intentions of the copyright holder and prevents the unauthorized modification or distribution of media. Due to the widespread adoption of digital content use, DRM has received a fair amount of attention and has seen implementation in many commercial models. Although many DRM schemes have been introduced in the literature, they still suffer from some security issues and may not guarantee the quality of performance. In this paper, we propose a trust-distributed DRM model to provide improvements for realistic DRM environments to bring more functionality to users. We use the features of the smart cards to provide an option of anonymity for the consumer while continuing to protect the rights of the copyright holder and the financial interests of the media industry. We also classify the security criteria of DRM systems and show that our proposed smart card based DRM scheme satisfies all of these criteria.

  • A Practical Method for Generating Digital Signatures Using Biometrics

    Taekyoung KWON  Hyung-Woo LEE  Jae-il LEE  

     
    PAPER-Network

    Vol: E90-B No:6  Page(s): 1381-1389

    When we consider the user's convenience for electronic transactions, it might be desirable to generate a digital signature using biometrics. However, it is neither easy nor practicable in today's communications environment because of inaccurate measuring and potential hill-climbing attacks with regard to biometrics, unless specific hardware storage is provided for manipulating signature keys or biometric templates securely. In this paper, we study a simple practical method for biometrics-based digital signature generation without such restriction. It is based on the existing tools in software in our proposed model where a general digital signature such as RSA can be applied without losing its security. This is not a cryptography paper but rather is written from a practical perspective.

  • Scalable Authentication and Nonrepudiation Technique for JPEG 2000 Images Using JPSEC Protection Tools

    Ayman HAGGAG  Mohamed GHONEIM  Jianming LU  Takashi YAHAGI  

     
    PAPER

    Vol: E89-A No:11  Page(s): 2945-2954

    In this paper, we first briefly discuss the newly emerging Secured JPEG (JPSEC) standard for security services for JPEG 2000 compressed images. We then propose our novel approach for applying authentication to JPEG 2000 images in a scalable manner. Our authentication technique can be used for source authentication, nonrepudiation and integrity verification for the received possibly transcoded JPEG 2000 images in such a way that it is possible to authenticate different resolutions or different qualities extracted or received from a JPEG 2000 encoded image. Three different implementation methods for our authentication technique are presented. Packet-Based Authentication involves using the MD5 hashing algorithm for calculating the hash value for each individual packet in the JPEG 2000 codestream. Hash values are truncated to a specified length to reduce the overhead in storage space, concatenated into a single string, and then signed using the RSA algorithm and the author's private key for repudiation prevention. Resolution-Based Authentication and Quality-Based Authentication methods involve generating a single hash value from all contiguous packets from each entire resolution or each entire quality layer, respectively. Our algorithms maintain most of the inherent flexibility and scalability of JPEG 2000 compressed images. The resultant secured codestream is still JPEG 2000 compliant and compatible with JPEG 2000 compliant decoders. Also, our algorithms are compatible with the Public Key Infrastructure (PKI) for preventing signing repudiation from the sender and are implemented using the new JPSEC standard for security signaling.

  • Proposal and Analysis of a Distributed Online Certificate Status Protocol with Low Communication Cost

    Satoshi KOGA  Kouichi SAKURAI  

     
    PAPER-Application

    Vol: E88-A No:1  Page(s): 247-254

    Public Key Infrastructure (PKI) technology is very important for supporting electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damage caused by exposure of an OCSP responder's private key, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using a key-insulated signature scheme. In the proposed distributed OCSP, each responder has a different private key, but the corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any response by using a single public key.

  • Hybrid Networked Cryptographic Devices in Practice

    Taekyoung KWON  Sang-Youn LEE  Young-Sik CHOI  Haekwang KIM  

     
    LETTER-Fundamental Theories

    Vol: E85-B No:9  Page(s): 1832-1834

    Recently, networked cryptographic devices resilient to capture were presented at the 2001 IEEE Symposium on Security and Privacy. This letter presents a practical combination of the networked cryptographic devices and the password-based cryptography standard, PKCS#5, that is beneficial to security, efficiency, and conformance.

  • Certificate Revocation Protocol Using k-Ary Hash Tree

    Hiroaki KIKUCHI  Kensuke ABE  Shohachiro NAKANISHI  

     
    PAPER-Internet Architecture

    Vol: E84-B No:8  Page(s): 2026-2032

    Certificate revocation is a critical issue for a practical public-key infrastructure. A new efficient revocation protocol using a one-way hash tree structure (instead of the classical list structure, which is known as a standard for revocation) was proposed and examined to reduce communication and computation costs. In this paper, we analyze a k-ary hash tree for certificate revocation and prove that k = 2 minimizes communication cost.