
Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.


Papers
Proceedings Article
10 Apr 2010
TL;DR: This work proposes a novel certificateless blind signature scheme based on pairings and gives formal security definitions of blindness and unforgeability in the scheme and shows that the proposed scheme is provably secure in the random oracle model.
Abstract: Certificateless public key cryptography is a new paradigm introduced by Al-Riyami and Paterson. It eliminates the need of the certificates in traditional public key cryptosystems and the key escrow problem in Identity-based Public Key Cryptography (ID-PKC). Due to the advantages of the certificateless public key cryptography, we propose a novel certificateless blind signature scheme based on pairings in the paper. Firstly, we give formal security definitions of blindness and unforgeability in our scheme. Then a concrete instance is given and we show that the proposed scheme is provably secure in the random oracle model. The security of our schemes is proven based on the hardness of computational Diffie-Hellman problem and the bilinear pairing inversion Problem (BPI). Finally, by comparing our scheme with Zhang's scheme in terms of computational cost and the signature size, we show that our scheme is more efficient, since no pairing computation is required in the signing, and only one pairing computation is required in the verifying phase.

9 citations

Patent
Li Jiguo, Li Tao, Zhang Yichen, Wang Yao, Li Feifei 
04 Jan 2017
TL;DR: In this article, an Internet of vehicle condition privacy protection method based on certificateless aggregate signcryption and a system are disclosed, wherein the method and the system have excellent performance based on a certificateless password system.
Abstract: The invention discloses an Internet of vehicle condition privacy protection method based on certificateless aggregate signcryption and a system, wherein the method and the system have excellent performance based on a certificateless password system. According to the method, problems of certificate management and secret key escrow can be avoided, calculation efficiency of the Internet of vehicle during aggregate signcryption verification and aggregate signcryption efficiency during network transmission are improved, condition privacy protection of Internet-of-vehicle users is realized, and the method and the system can be safely utilized in the open Internet of vehicle.

8 citations

Proceedings Article
Yang Lu, Jiguo Li
18 Aug 2009
TL;DR: This paper introduces a new notion called Forward-Secure Certificate-Based Encryption, which preserves the advantages of CBE such as implicit certificate and no private key escrow and also inherits the properties of the forward-secure public key encryption.
Abstract: Certificate-based encryption (CBE) is a new paradigm which overcomes the shortcomings of traditional public-key encryption (PKE) and identity based encryption (IBE). CBE provides an efficient implicit certificate mechanism to eliminate third-party queries for the certificate status and to simplify the certificate revocation problem in traditional PKI. Therefore, CBE can be used to construct an efficient PKI requiring fewer infrastructures. It also solves the key escrow and key distribution problem inherent in IBE. In this paper, we introduce a new notion called Forward-Secure Certificate-Based Encryption. It preserves the advantages of CBE such as implicit certificate and no private key escrow. At the same time it also inherits the properties of the forward-secure public key encryption. We also propose a concrete and efficient forward-secure CBE scheme and prove it to be secure based on the bilinear Diffie-Hellman assumption in the random oracle model.

8 citations

Journal Article
TL;DR: It is found that, contrary to Juniper's public statements, the ScreenOS VPN implementation has been vulnerable to passive exploitation by an attacker who selects the Dual EC curve point since 2008.
Abstract: In December 2015, Juniper Networks announced multiple security vulnerabilities stemming from unauthorized code in ScreenOS, the operating system for their NetScreen Virtual Private Network (VPN) routers. The more sophisticated of these vulnerabilities was a passive VPN decryption capability, enabled by a change to one of the parameters used by the Dual Elliptic Curve (EC) pseudorandom number generator. In this paper, we described the results of a full independent analysis of the ScreenOS randomness and VPN key establishment protocol subsystems, which we carried out in response to this incident. While Dual EC is known to be insecure against an attacker who can choose the elliptic curve parameters, Juniper had claimed in 2013 that ScreenOS included countermeasures against this type of attack. We find that, contrary to Juniper's public statements, the ScreenOS VPN implementation has been vulnerable to passive exploitation by an attacker who selects the Dual EC curve point since 2008. This vulnerability arises due to flaws in Juniper's countermeasures as well as a cluster of changes that were all introduced concurrently with the inclusion of Dual EC in a single 2008 release. We demonstrate the vulnerability on a real NetScreen device by modifying the firmware to install our own parameters, and we show that it is possible to passively decrypt an individual VPN session in isolation without observing any other network traffic. This incident is an important example of how guidelines for random number generation, engineering, and validation can fail in practice. Additionally, it casts further doubt on the practicality of designing a safe "exceptional access" or "key escrow" scheme of the type contemplated by law enforcement agencies in the United States and elsewhere.

8 citations

Journal Article
TL;DR: In this paper, the authors argue that digital signature laws, which impose a particular view of electronic commerce, should be abandoned, in favor of laws which remove specific, well-defined barriers to electronic commerce and which allow the electronic commerce marketplace to evolve unfettered.
Abstract: “Legislating Market Winners” argues that certain enacted digital signature laws are premised upon false assumptions, and inappropriately enshrine a business model which would not evolve naturally in the marketplace. In attempting to solve an unsolvable liability allocation problem, such legislation harms consumers and the future evolution of electronic commerce. The article points out that alternative business models can solve the liability allocation problem. Despite obvious flaws, legislation of this type continues to be proposed, partly because the infrastructure created by these laws coincides with the needs of key escrow proponents. Ultimately the article argues that digital signature laws, which impose a particular view of electronic commerce, should be abandoned, in favor of laws which remove specific, well-defined barriers to electronic commerce and which allow the electronic commerce marketplace to evolve unfettered.

8 citations


Network Information
Related Topics (5)
Encryption: 98.3K papers, 1.4M citations, 85% related
Routing protocol: 46.5K papers, 901.8K citations, 80% related
Wireless ad hoc network: 49K papers, 1.1M citations, 79% related
Key distribution in wireless sensor networks: 59.2K papers, 1.2M citations, 78% related
Server: 79.5K papers, 1.4M citations, 78% related

Performance Metrics
No. of papers in the topic in previous years
Year    Papers
2024    1
2023    51
2022    89
2021    50
2020    72
2019    58