
Research On Online Public Key Cryptographic System And Related Topics

Posted on: 2006-09-18
Degree: Doctor
Type: Dissertation
Country: China
Candidate: S Y Yu
GTID: 1118360185495721
Subject: Computer system architecture

Abstract/Summary:
With the ever-increasing growth in distributed computing, electronic commerce, electronic government and grid applications, the need for a secure and practical public key infrastructure to provide security for such applications is evident. Yet several issues remain to be solved before public key infrastructure is widely deployed, including secure storage of private keys, secure usage of private keys, private key storage that supports user mobility, and timely and efficient certificate revocation mechanisms. In this dissertation, we aim to address these issues by exploiting online servers to help securely store clients' private keys and securely perform private key cryptographic computations such as digital signatures and decryptions.

The main contributions of this dissertation are:

1) We describe a mechanism in which an online server stores clients' private keys; whenever needed, the clients authenticate to the server to download the private key or to perform private key cryptographic computations online. Three protocols are proposed, corresponding to distinct private key operations. In the OCMA_Gen scheme, the client and the server mutually authenticate using a password and a secret stored on the client's device, and the client then downloads his/her private key. In the OCMA_Sig and OCMA_Dec protocols, the private key is divided into two shares, one for the client and the other for the server; each party performs its half of the signature or decryption, and the complete signature or decrypted plaintext message is combined at the client side. A formal security proof is given for the complete signature derived from the two half signatures. We give a formal security proof of OCMA_Gen under the random oracle model and the ideal-cipher model. We conclude that these schemes can withstand compromise of the server, and that when the client's device is compromised an online password guessing attack is still needed to compromise the private key. Prototypes of these three protocols are implemented.

2) A Two-Server Authentication Protocol (TSAP) and a Two-server Authenticated Key Exchange protocol (TAKE) supporting weak-password authentication are proposed. Both employ two servers to authenticate clients in order to thwart offline password guessing attacks against a server's verifier database when one server is compromised. Clients need only remember a username and password to authenticate securely with the two servers. The two protocols can withstand replay attacks, stolen-verifier attacks and impersonation attacks, and support weak passwords. We further propose two-server proxy signature and decryption schemes that achieve fast certificate revocation and perform signature and decryption operations without recovering the clients' complete private keys, so as to protect the private keys from compromise.
Keywords/Search Tags:public/private key, authentication, authenticated key exchange, public key infrastructure, network security
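
The split-key signing idea summarized for OCMA_Sig can be illustrated with the following added example, which is not code from the dissertation. It assumes textbook RSA with an additive split of the private exponent (the abstract does not name the underlying algorithm); the `Server` class, the revocation flag and all names and parameters are hypothetical.

```python
import hashlib
import secrets

# Constructed toy parameters: two Mersenne primes, far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, PHI, E = P * Q, (P - 1) * (Q - 1), 65537
D = pow(E, -1, PHI)  # full private exponent, exists only at key-generation time

def split_key(d, phi):
    """Additively split d so that d_client + d_server = d (mod phi)."""
    d_client = secrets.randbelow(phi - 1) + 1
    return d_client, (d - d_client) % phi

def digest(msg):
    """Hash the message into Z_N (textbook RSA without padding, demo only)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def half_sign(msg, share):
    """One party's half signature; the share itself never leaves that party."""
    return pow(digest(msg), share, N)

class Server:
    """Hypothetical online server holding one key share per user."""
    def __init__(self):
        self.shares, self.revoked = {}, set()

    def half_sign(self, user, msg):
        if user in self.revoked:  # assumption: withholding the half blocks signing
            raise PermissionError("key revoked: server withholds its half")
        return half_sign(msg, self.shares[user])

def combine(sig_client, sig_server):
    """Client multiplies the halves: h^d_c * h^d_s = h^d (mod N)."""
    return sig_client * sig_server % N

def verify(msg, sig):
    """Ordinary RSA verification with the public key (N, E)."""
    return pow(sig, E, N) == digest(msg)

def demo():
    d_client, d_server = split_key(D, PHI)
    server = Server()
    server.shares["alice"] = d_server
    msg = b"constructed sample message"
    s_c = half_sign(msg, d_client)
    full = combine(s_c, server.half_sign("alice", msg))
    # The combined signature verifies; the client's half alone does not.
    return verify(msg, full), verify(msg, s_c)
```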