Showing papers on "Revocation published in 2005"

Accumulators from bilinear pairings and applications

Abstract: We propose a dynamic accumulator scheme from bilinear pairings and use it to construct an identity-based (ID-based) ring signature scheme with constant-size signatures and to provide membership revocation to group signature schemes, identity escrow schemes and anonymous credential systems. The ID-based ring signature scheme and the group signature scheme have very short signature sizes. The size of our group signatures with membership revocation is only half the size of those in the well-known ACJT00 scheme, which does not provide membership revocation. The schemes do not require trapdoor, so system parameters can be shared by multiple groups belonging to different organizations. All schemes are provably secure in formal models. We generalize the definition of accumulators and provide formal models for ID-based ad-hoc anonymous identification schemes and identity escrow schemes with membership revocation.

On the distribution and revocation of cryptographic keys in sensor networks

Abstract: Key management has two important aspects: key distribution, which describes how to disseminate secret information to the principals so that secure communications can be initiated, and key revocation, which describes how to remove secrets that may have been compromised. Key management in sensor networks face constraints of large scale, lack of a priori information about deployment topology, and limitations of sensor node hardware. While key distribution has been studied extensively in recent works, the problem of key and node revocation in sensor networks has received relatively little attention. Yet, revocation protocols that function correctly in the presence of active adversaries pretending to be legitimate protocol participants via compromised sensor nodes are essential. In their absence, an adversary could take control of the sensor network's operation by using compromised nodes which retain their network connectivity for extended periods of time. In this paper, we present an overview of key-distribution methods in sensor networks and their salient features to provide context for understanding key and node revocation. Then, we define basic properties that distributed sensor-node revocation protocols must satisfy and present a protocol for distributed node revocation that satisfies these properties under general assumptions and a standard attacker model.

Verifier-Local revocation group signature schemes with backward unlinkability from bilinear maps

Abstract: An approach of membership revocation in group signatures is verifier-local revocation (VLR for short). In this approach, only verifiers are involved in the revocation mechanism, while signers have no involvement. Thus, since signers have no load, this approach is suitable for mobile environments. Although Boneh and Shacham recently proposed a VLR group signature scheme from bilinear maps, this scheme does not satisfy the backward unlikability. The backward unlikability means that even after a member is revoked, signatures produced by the member before the revocation remain anonymous. In this paper, we propose VLR group signature schemes with the backward unlinkability from bilinear maps.

Content revocation and license modification in a digital rights management (DRM) system on a computing device

Abstract: Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.

System and method for privilege management and revocation

Abstract: The present disclosure relates generally to the management of privileges associated with certain applications that are accessible by users of electronic equipment, such as, for example, networked computers, mobile wireless communications devices, and the like. In particular, the disclosure is directed to systems and methods for managing privileges associated with particular applications and for revoking these privileges in a timely and robust manner. For example, the device keeps track of which applications get access to which privileges. When policies or application control changes, the system detects which privileges have been revoked for which applications. This can be accomplished by simply comparing the old set of privileges with the new set of privileges. For each revoked privilege for a given application, the system determines if the application has ever accessed that privilege in the past. If an application has accessed a privilege that is now revoked at any time in the past, the device is reset. To ensure that privileges that may be passed between applications are not overlooked, the device is arranged to perform a reset if any revoked privilege accessible by the device is one that may be passed between applications.

A Public-Key Traitor Tracing Scheme with Revocation Using Dynamic Shares

Abstract: We proposed a new public-key traitor tracing scheme with revocation capability using dynamic shares and entity revocation techniques. Our scheme's traitor tracing and revocation programs cohere tightly. The size of the enabling block of our scheme is independent of the number of receivers. Each receiver holds one decryption key only. The distinct feature of our scheme is that when traitors are found, we can revoke their private keys (up to some threshold z) without updating the private keys of other receivers. In particular, no revocation messages are broadcast and all receivers do nothing. Previously proposed revocation schemes need update existing keys and entail large amount of broadcast messages. Our traitor tracing algorithm works in a black-box way. It is conceptually simple and fully k-resilient, that is, it can find all traitors if the number of them is k or less. The encryption algorithm of our scheme is semantically secure assuming that the decisional Diffie-Hellman problem is hard.

Mechanism to control delegation and revocation of tasks in workflow system

Abstract: A method to revoke a task includes receiving task data, the task data including information regarding a task to be performed. The method further includes receiving delegation data, the delegation data including information identifying a delegator of the task and a delegatee to perform the task. The method further includes receiving revocation task data, with the revocation task data having as its object at least aspects of the task.

Key revocation in a mobile device

Abstract: A system for revoking access to a mobile device comprises a mobile device providing a plurality of applications and an agent providing a plurality of revocation procedures for revoking access by the mobile device to the plurality of applications running on the mobile device. Access to a first application is revoked by the agent using a first revocation procedure, and access to a second application is revoked by the agent using a second revocation procedure.

Verifier-local revocation group signature schemes with backward unlinkability from bilinear maps

Abstract: An approach of membership revocation in group signatures is verifier-local revocation (VLR for short). In this approach, only verifiers are involved in the revocation mechanism, while signers have no involvement. Thus, since signers have no load, this approach is suitable for mobile environments. Although Boneh and Shacham recently proposed a VLR group signature scheme from bilinear maps, this scheme does not satisfy the backward unlikability. The backward unlikability means that even after a member is revoked, signatures produced by the member before the revocation remain anonymous. In this paper, we propose VLR group signature schemes with the backward unlinkability from bilinear maps.

Lazy revocation in cryptographic file systems

Abstract: A crucial element of distributed cryptographic file systems are key management solutions that allow for flexible but secure data sharing. We consider efficient key management schemes for cryptographic file systems using lazy revocation. We give rigorous security definitions for three cryptographic schemes used in such systems, namely symmetric encryption, message-authentication codes and signature schemes. Additionally, we provide generic constructions for symmetric encryption and message-authentication codes with lazy revocation using key-updating schemes for lazy revocation, which have been introduced recently. We also give a construction of signature schemes with lazy revocation from identity-based signatures. Finally, we describe how our constructions improve the key rotation mechanism in the Plutus file system

License Management in a Privacy Preserving Information Distribution System

Abstract: A system and method for transferring licenses from a first user to one or several other users in an information distribution system, while providing privacy for said users. The level of privacy is enhanced by the license format and the use of a master license, an anonymous license and by the inclusion of a revocation lists in the certificate corresponding to a license.

How to solve key escrow and identity revocation in identity-based encryption schemes

Abstract: In identity-based cryptography, a user's public key is easily derived from the user's identity and a corresponding private key is generated for the user by a trusted third party, known as a Key Generation Center (KGC). The direct derivation of public keys in identity-based cryptography can eliminate the need for certificates and can solve certain public key management problems. Identity-based cryptography has many advantages for public key management, but it has two drawbacks that prevent its practical application in the real world: key escrow problems and lack of support for a fine-grained revocation of identity. At present, there is no solution that can simultaneously solve both problems; schemes that can solve the key escrow problem still have the identity revocation problem, and vice versa. In this paper, we consider a secure identity-based encryption scheme to support a fine-grained revocation without key escrow and also present a mediated key agreement protocol based on the same setting. Using the proposed scheme, we can apply identity-based cryptography more securely and practically in the real world.

EPO neem patent revocation revives biopiracy debate

Abstract: Traditional knowledge exploited by biotech companies warrants some compensation.

A mediated proxy signature scheme with fast revocation for electronic transactions

Abstract: Proxy signature schemes allow an original signer to delegate his signing rights to a proxy signer. Most proxy signature schemes have succeeded for proxy delegations and they are considered very useful methods when one needs to delegate his signing power to other person in digital business. However, many proxy signature schemes have the defects that cannot solve proxy revocation problems. Moreover, they cannot provide the immediate revocation, even if a proxy signer colludes with any malicious attacker. In this paper, we propose a mediated proxy signature scheme with fast revocation. Our scheme solves the weaknesses of most proxy signature schemes and satisfies the security requirements for proxy signature scheme. And it also provides an effective proxy revocation whenever the original signer wants or signer's key is compromised.

Application revocation using an application revocation list in a portable electronic device

Abstract: A portable electronic device (110) contains an application revocation list (ARL) in memory (135) comprising at least one application identifier (AI) uniquely identifying an application. The portable electronic device also contains an application list memory (133) for storing at least application identifiers for trusted applications in the device. A processor (120) operatively connected to the memory determines whether an application identifier on the application revocation list matches an application identifier on the portable electronic device, and, if so, processes a revocation of the application. The application revocation list can be wirelessly updated. Application software in a portable electronic device can thus subsequently be revoked through operation of this application revocation list. A remote server (140) makes application revocation lists available to portable electronic devices over a network such as a cellular system.

Authorization algorithms for the mobility of user-role relationship

Abstract: The mobility of user-role relationship is a new feature relative to their counterparts in user-role assignments. When an administrative role assigns a role to a user with a mobile membership, this allows the user to use the permissions of the role and to be further added other roles by administrators. Immobile membership grants the user the authority to use the permissions, but does not make the user eligible for further role assignment. Two types of problems may arise in user-role assignment with the mobility of user-role relationship. One is related to authorization granting process. When a role is granted to a user, this role may be conflict with other roles of the user or together with this role; the user may have or derive a high level of authority. Another is related to authorization revocation. When a role is revoked from a user, the user may still have the role from other roles.In this paper, we discuss granting and revocation models related to mobile and immobile memberships between users and roles, then provide proposed authorization granting, weak revocation and strong revocation algorithms that are based on relational algebra and operations. We also describe how to use the new algorithms with an anonymity scalable payment scheme. Finally, comparisons with other related work are made.

How to incorporate revocation status information into the trust metrics for public-key certification

Abstract: In a traditional PKI, the trust associated with a public key is expressed in binary either by 0 or 1. Alternatively, several authors have proposed trust metrics to evaluate the confidence afforded by a public key. However their work has a static point of view and does not take into account the issue of public key revocation. In this paper, we make the first attempt to incorporate the revocation status information into the trust metrics for public key certification. To achieve our goal, we use a tailored form of a vector of trust model recently proposed. This would allow us to reason formally about when there is a need to check revocation status and how reliable the revocation mechanism should be in a given security application.

Performance analysis of scalable certificate revocation schemes for ad hoc networks

Abstract: Certificate revocation is a challenging task, especially in mobile network environments. Several different revocation approaches have been proposed in the literature. However, no performance evaluation and usability studies exist for mobile network environments like ad hoc networks. In this paper a comparison of two different certificate revocation schemes used in the context of ad hoc network scenarios is presented. First the state of the art in certificate revocation is presented and a motivation for its use in the context of ad hoc environments is given. A quick introduction in the theoretical background and overhead calculation of revocation approaches is presented. Further, our two revocation protocols are introduced and simulation results presented. The paper closes with an evaluation and a discussion of the results and gives an outlook on future work

A framework for the revocation of unintended digital signatures initiated by malicious terminals

Abstract: Human users need trusted computers when they want to generate digital signatures. In many applications, in particular, if the users are mobile, they need to carry their trusted computers with themselves. Smart cards are easy to use, easy to carry, and relatively difficult to tamper with, but they do not have a user interface; therefore, the user still needs a terminal for authorizing the card to produce digital signatures. If the terminal is malicious, it can mislead the user and obtain a digital signature on an arbitrary document. In order to mitigate this problem, we propose a solution based on conditional signatures. More specifically, we propose a framework for the controlled revocation of unintended digital signatures. We also propose a solution with a special emphasis on privacy issues.

Method of authorizing access to content

Abstract: A method of and source device (410) for authorizing access to content (425) by a sink device (400) in accordance with usage rights, the content being stored on a storage medium (420) controlled by the source device. The revocation status of the sink device is verified using the most recently issued revocation information that is available if the usage rights need to be modified as part of the authorization of access to the content, and using revocation information associated with the content stored on the storage medium, preferably the revocation information stored on the storage medium, otherwise. The revocation information on the storage medium, or only the part relating to the sink device, is optionally updated to the most recently issued revocation information if the usage rights need to be modified. Preferably this is done only if the result of the verification is that the sink device has been revoked.

Accumulators from Bilinear Pairings and Applications to ID-based Ring Signatures and Group Membership Revocation.

Abstract: 1 Abstract. We propose a dynamic accumulator scheme from bilinear pairings, whose security is based on the Strong Die-Hellman assump- tion. We show applications of this accumulator in constructing an identity- based (ID-based) ring signature scheme with constant-size signatures and its interactive counterpart, and providing membership revocation to group signature, traceable signature and identity escrow schemes and anonymous credential systems. The ID-based ring signature scheme and the group signature scheme have extremely short signature sizes. The size of our group signatures with membership revocation is only half the size of the well-known ACJT00 scheme, which does not provide membership revocation. The schemes do not require trapdoor, so system parameters can be shared by multiple groups belonging to dierent organizations. All schemes proposed are provably secure in formal models. We gener- alize the definition of accumulators to model a wider range of practical accumulators. We provide formal models for ID-based ad-hoc anonymous identification schemes and identity escrow schemes with membership re- vocation, based on existing ones. Keywords: Dynamic accumulators, ID-based, ring signatures, ad-hoc anonymous identification, group signatures, identity escrow, membership revocation, privacy and anonymity.

Administering access control in dynamic coalitions

Abstract: Dynamic coalitions enable autonomous domains to achieve common objectives by sharing resources based on negotiated resource-sharing agreements. A major requirement for administering dynamic coalitions is the availability of a comprehensive set of access control tools. In this paper we discuss the design, implementation, evaluation, and demonstration of such tools. In particular, we have developed tools for negotiating resource-sharing agreements, access policy specification, access review, wholesale and selective distribution and revocation of privileges, and policy decision and enforcement.

Method, apparatus & computer program product for using a lease to manage interpersonal access through computer-mediated communication systems

Abstract: Apparatus, methods, and computer program products are disclosed that use a lease to manage interpersonal communications over a computer-mediated network such as a telephone network or the Internet, whether using textual, audio, or video communication means. The use of the lease allows enables negotiated evolution and revocation of a communication privilege in a socially-acceptable manner.

Caching alternatives for a MANET-oriented OCSP scheme

Abstract: Even though mobile ad hoc networks (MANETs) have been receiving increasing attention for more than a decade, many issues still remain unsolved, including the implementation and design of adequate security and trust mechanisms. The infrastructure-less nature of MANETs renders trust establishment a rather complex issue. Many solutions using public key cryptography and digital certificates have been proposed in this direction. However, the problem of certificate revocation and certificate status information distribution in MANETs has not yet been fully addressed. ADOPT (Ad-hoc Distributed OCSP for Trust) proposes the deployment of a lightweight, distributed, on-demand scheme based on cached OCSP responses, which can efficiently provide up-to-date certificate status information. As accurate and current revocation information is critical for any application based on public key certificates, ADOPT's caching mechanism should ensure that cached responses are updated regularly. This paper discusses caching issues and time parameters concerning ADOPT and proposes various alternatives that fit into different scenarios.

The Hard Suspension Barrier: Does New Mexico’s Interlock Licensing Law Solve the Problem?

Abstract: This paper describes how mandatory programs that currently exist may conflict with license suspension/revocation laws. Although several states have mandated interlocks for multiple driving under the influence (DUI) offenders, these programs have generally failed to produce a high proportion of offenders on interlocks. An important barrier to the effectiveness of these laws has been the conflicting requirements of laws mandating administrative license actions by departments of motor vehicles (DMVs). These include implied-consent suspensions/revocations for refusals of the breath test, administrative license revocation/suspension (ALR/ALS) laws for offenders with blood alcohol concentrations (BACs) higher than the per se limit, and mandatory suspensions/revocations for a DUI conviction. These laws generally specify a minimum period of full or “hard” license suspension/revocation for a DUI offender that precludes the issuance of a limited or “hardship” license or a limited license for driving an interlock-equipped vehicle. Judges have generally been unwilling to require the installation of an interlock when the offender is fully suspended or revoked and unable to drive legally under any circumstances. California provides an example for such a conflict. State law requires a two-year hard suspension for second DUI offenders and, simultaneously, requires judges to impose a mandatory interlock condition on multiple offenders. Despite the interlock mandate, few judges applied the sanction. Further, the interlock programs were poorly monitored and consequently they appeared to have little impact on recidivism. Federal legislation, in reauthorization of the Highway Safety Act – the “Transportation Equity Act of the 21st Century” (TEA-21) – required states to enact a minimum one-year hard suspension for second DUI offenders or face a 3% transfer of their highway construction funds to safety programs. Because imposition of the interlock by the court following conviction was in conflict with the mandatory one-year hard suspension/revocation, a number of states enacted laws requiring offenders to install the interlock as a condition for license reinstatement after they had completed the hard suspension/revocation period. Many offenders do not reinstate when eligible and some postpone reinstatement indefinitely; therefore, the effectiveness of that procedure remains to be determined.

Efficient member revocation in group signature schemes

Abstract: Group signature schemes allow a group member to sign messages anonymously on behalf of the group. During last decade, group signature schemes have been intensively investigated in the literature and applied to various applications. Especially, as noted in [3], the complexity of member deletion stands in the way of real world applications of group signatures. In this paper, we propose a group signature scheme with an efficient member revocation procedure. The proposed scheme is based on the scheme [18], which was turned out to be flawed [21]. We modify the scheme in [18] so as to obtain secure and efficient member revocation and unlinkability of signatures. Our revocation method is an improvement over the work of Camenisch and Lysyanskaya [9], which is known to be the most efficient scheme so far.

Improved revocation in authorized domain

Abstract: An authorized domain system comprising a plurality of devices including at least one retrieval device, in which the retrieval device is configured to retrieve revocation status information for two or more devices comprised in the domain and to distribute the retrieved revocation status information to one or more devices with which the retrieval device is in contact.

Partial revocation list

Abstract: A partial revocation list and a system and method for using the partial revocation list for tracking the authenticity of replacement cartridges in a manufactured device to inhibit cloning of the cartridges is provided. A revocation pool is maintained by a manufacturer who chooses a partial revocation list from the revocation pool to store in the memory of the cartridge. The device stores its own revocation list, informs the manufacturer of cartridges which have been used and checks when a new device is installed to ensure a cloned replacement is not being used. The partial revocation list distributes enough revocation information to devices to statistically impair the cartridge yield of a cloning operation.

System and method for implementing digital certificate revocation in an ad-hoc network

Abstract: A computer-implemented system for implementing maintenance and distribution of revocation information within an ad-hoc network. The system includes at least one network node. The network node includes a computer implemented application configured to maintain revocation information in computer memory and distribute the revocation information to other network nodes using a two stage distribution method. The distribution method includes a first stage wherein the revocation message is transmitted to all certifier nodes within the ad-hoc network, and a second stage wherein each certifier node distributes the revocation message to at least one non-certifier node associated with the certifier node.