Hybrid-Style Personal Key Management in Ubiquitous Computing

Byoungcheon Lee

Abstract

In ubiquitous computing environment it is common that a user owns and uses multiple computing devices, but managing cryptographic keys in those devices is a complicated matter. If certificate-based cryptography (PKI) is used such that each device has independent certificate, then user has to be involved in multiple certificate issuing processes with certification authorities (CA) and has to keep multiple private keys securely. If a single user certificate is copied and shared in multiple user devices, then a single exposure of private key among multiple devices will destroy the secrecy of every devices. Each device has to have import and export function of private key, which will be a major security weakness that attackers will focus on. In this paper we propose a user-controlled personal key management scheme using hybrid approach, in which certificate is used to authenticate a user and self-generated ID keys are used to authenticate user’s computing devices. In this scheme user operates a personal key management server (PKMS) which has the role of personal key generation center (KGC). It is equipped with user’s certified private key as a master key and is used to issue ID private keys to user’s computing devices. Users normally use multiple computing devices equipped with different ID keys and enjoy secure communication with others using ID-based cryptography. We show that the proposed hybrid-style personal key management scheme is efficient in many aspects and reduces user’s key management load drastically.

References

  1. Boneh, D. & Franklin, M. (2001). Identity-based encryption from the Weil pairing. Advances in Cryptology - Crypto'2001, LNCS 2139, pp. 213-229. SpringerVerlag.
  2. Boneh, D., Lynn, B. & Shacham, H. (2002). Short signatures from the Weil pairing. Advances in Cryptology - Asiacrypt'2001, LNCS 2248, pp. 514-532, SpringerVerlag.
  3. Cha, J. & Cheon, J. (2003). An Identity-Based Signature from Gap Diffie-Hellman Groups. Practice and Theory in Public Key Cryptography - PKC'2003, LNCS 2567, pp. 18-30, Springer-Verlag.
  4. Chen, L., Harrison, K., Moss, A., Soldera, D. & Smart, N.P. (2002). Certification of Public Keys within an Identity Based System. ISC 2002, LNCS 2433, pages 322- 333, Springer-Verlag.
  5. Chen, L. & Kudla, C. (2002). Identity based key agreement protocols from pairings. Proceedings of the 16th IEEE Computer Security Foundations Workshop, pages 219-233, IEEE Computer Society Press.
  6. Lee, B., Boyd, C., Dawson, E., Kim, K., Yang, J. & Yoo, S. (2004). Secure Key Issuing in ID-Based Cryptography. ACSW Frontiers 2004 - Second Australasian Information Security Workshop 2004. Volume 26 of Australian Computer Science Communications, pages 66-74. Australian Computer Society.
  7. Public-Key Infrastructure (X.509) (pkix), http://datatracker.ietf.org/wg/pkix/charter/
Download


Paper Citation


in Harvard Style

Lee B. (2014). Hybrid-Style Personal Key Management in Ubiquitous Computing . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 238-243. DOI: 10.5220/0005029102380243


in Bibtex Style

@conference{secrypt14,
author={Byoungcheon Lee},
title={Hybrid-Style Personal Key Management in Ubiquitous Computing},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={238-243},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005029102380243},
isbn={978-989-758-045-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Hybrid-Style Personal Key Management in Ubiquitous Computing
SN - 978-989-758-045-1
AU - Lee B.
PY - 2014
SP - 238
EP - 243
DO - 10.5220/0005029102380243