Geraint Price
Royal Holloway, University of London
Publication
Featured research published by Geraint Price.
Information Security Technical Report | 2003
Kenneth G. Paterson; Geraint Price
With the recent acceleration in research into identity-based public key cryptography (ID-PKC), we consider this to be an opportune moment to compare and contrast ID-PKC with more traditional public key infrastructures (PKI). Because of the similarity in the nature of both approaches, we aim to identify the distinguishing features of each approach. In doing so, we highlight the important questions to be asked when weighing up the benefits and drawbacks of the two technologies.
Lecture Notes in Computer Science | 2003
Geraint Price
In this paper, we present a general attack model against hash-based client puzzles. Our attack is generic in that it works against many published protocols. We introduce a new protocol and subsequently attack our new construction as well. We conclude by drawing two requirements of client puzzle protocols that would overcome our attack.
European Public Key Infrastructure Workshop | 2005
Geraint Price; Chris J. Mitchell
In this paper we consider how practical interoperation between a conventional PKI and an infrastructure based on ID-based cryptography might be achieved. Major issues arising from such interoperation are raised, and possible solutions are proposed.
Financial Cryptography | 2012
Marcelo Carlomagno Carlos; Geraint Price
A significant number of attacks on systems are against the non-cryptographic components such as the human interaction with the system. In this paper, we propose a taxonomy of human-protocol interaction weaknesses. This set of weaknesses presents a harmonization of many findings from different research areas. In doing so we collate the most common human-interaction problems that can potentially result in successful attacks against protocol implementations. We then map these weaknesses onto a set of design recommendations aimed to minimize those weaknesses.
Information Security Technical Report | 2008
Geraint Price
In this article we carry out a critical analysis of the benefits and drawbacks which are likely when we include electronic data to hold, validate and process the information used to generate and manage an identity. In addition, we consider the potential knock-on impact of this for the transactions which rely on this electronic identity information.
International Journal of Information Security | 2011
Jason Crampton; Hoon Wei Lim; Kenneth G. Paterson; Geraint Price
Certificate-based public key infrastructures are currently widely used in computational grids to support security services. From a user’s perspective, however, certificate acquisition is time-consuming and public/private key management is non-trivial. In this paper, we propose a security infrastructure for grid applications, in which users are authenticated using passwords. Our infrastructure allows a user to perform single sign-on based only on a password, without requiring a public key infrastructure. Moreover, hosting servers in our infrastructure are not required to have public key certificates. Nevertheless, our infrastructure supports essential grid security services, such as mutual authentication and delegation, using public key cryptographic techniques without incurring significant additional overheads in comparison with existing approaches.
International Journal of Information Security | 2015
Jean Everson Martina; Eduardo dos Santos; Marcelo Carlomagno Carlos; Geraint Price; Ricardo Felipe Custódio
Ever since Needham and Schroeder introduced the notion of an active attacker, significant research has been conducted regarding protocol design and analysis to verify that the protocols’ goals are robust against this type of attacker. Nowadays, the Dolev–Yao threat model is the most widely accepted attacker model for the analysis of security protocols. Consequently, there are several security protocols considered secure against an attacker under Dolev–Yao’s assumptions. With the introduction of the concept of ceremonies, which extends protocol design and analysis to include human peers, we can potentially find and solve security flaws that were previously not detectable. In this paper, we discuss that even though Dolev–Yao’s threat model can represent the most powerful attacker possible in a ceremony, the attacker in this model is not realistic in certain scenarios, especially those related to human peers. We propose a dynamic threat model that can be adjusted according to each ceremony and consequently adapt the model and the ceremony analysis to realistic scenarios. We demonstrate the feasibility of our approach with a support implementation using first-order logic and an automatic theorem prover.
Journal of Computer Security | 2006
Geraint Price
In this paper we categorise some of the challenges facing those building, deploying and using Public Key Infrastructures (PKIs). Our work is based on a series of in-depth interviews and analysis. The aim of the work in this paper is twofold: to present the conclusions drawn from work that is based on years of practical experience of those in the field; to analyse those conclusions in order to highlight research avenues that will answer the challenges raised by those in industry.
International Workshop on Security | 2000
Geraint Price
We believe that to date the use of fault tolerance within secure services has been limited to the scope of replicating services. We demonstrate that controlling state within a protocol execution can be a useful abstraction of fault tolerance within a secure environment, and this can lead to more widespread use of fault tolerance within secure services.
International Workshop on Security | 2003
Geraint Price
We present a model for increasing the effectiveness of the communication between an application and a security protocol. The model is a development of previous work by Syverson and Meadows. It also incorporates our notion that transferability and control of data across a secure interface can improve the use of security services by applications.