Topic: public key encryption

topics > computer science > Group: security

digital signature
key distribution
Subtopic: public key protection up

Quote: shouldn't unnecessarily divulge information, e.g., public keys should remain secret from non-users [»giffDK4_1982]
Quote: if an adversary can get a user to sign arbitrary messages, can decrypt public key messages or forge signatures [»dennDE4_1984]
Quote: prevent a public key attack by signing all messages with a one-way public function [»dennDE4_1984]
Quote: public-key cryptosystems are vulnerable to forgery and man-in-the-middle attacks [»zimmPR_1995]

Subtopic: public key infrastructure up

Quote: need a trusted public key directory, otherwise cannot trust a digital signature [»gelbB12_2000]
Quote: for public key infrastructure choose locally meaningful identifiers, avoid revocation, use freshness guarantee, design for a purpose [»gutmP8_2002]
Quote: a public password is a written digest of the authentication server's public key; needed for password protocols [»haleS8_1999]
Quote: mutual authentication using public-key cryptology; with a smart card, the users' secrets are not exposed to the certification center [»leePJ1_1990]

Subtopic: signature verification up

Quote: can allow for compromised keys if the authentication server adds a signed copy of the sender's public key to the message [»bootKS11_1981]

Subtopic: signed public key, certificate up

Quote: a public-key certificate is a secure answer to a predetermined query; may broadcast via an untrusted systems; generate on a tightly secured system [»lampBW6_2004]
Quote: to sign a public key, you should require your own independent firsthand knowledge of who owns that key [»zimmPR_1995]
Quote: never trust a public key that isn't signed by someone you trust, i.e., someone whose trusted public key is on your key ring [»zimmPR_1995]
Quote: protect public keys by an audit trail giving registrations of keys, signatures, and compromised keys [»dennDE2_1983]
Quote: a self-certified public key includes an encrypted certification; secret keys are unknown to the authority (unlike identity-based schemes) [»giraM4_1991]
Quote: prevent public key forgery with signed public key certificates from mutually trusted friends; allows centralized and decentralized approaches [»zimmPR_1995]
Quote: secure communication and authentication in Taos with certificates, credentials, shared keys, and public keys [»wobbE2_1994]

Subtopic: key continuity up

Quote: use key continuity for public-key management; a known, good key confirms a remote party's identity; e.g., SSH [»gutmP2_2004]
Quote: key continuity is vulnerable to man-in-the-middle attacks; unlikely; e.g., credit cards have not been intercepted [»gutmP2_2004]
Quote: SSH loses key continuity when reinstalled; could generate a successor key for future use; reestablish continutity with an old-with-new key exchange [»gutmP2_2004]

Subtopic: public key as unique ID up

Quote: use a public originator key instead of a GUID; use to sign a component assembly [»meijE10_2002]

Subtopic: public key vs. private key up

Quote: encryption protocols similar from public-key and conventional algorithms; public-key only has advantage for signed communications [»needRM12_1979]
Quote: digital signatures work well for business-to-business transactions with secure computers; but then a public key infrastructure is not needed [»elliC2_2000]
Quote: all strong password mechanisms use public-key techniques to resist password-guessing attacks; probably necessary [»haleS8_1999]

Subtopic: network security up

QuoteRef: muelC_1982 ;;487 design for a secure local network based on DES and public-key cryptography.

Subtopic: public key algorithms up

Quote: ideal properties for public-key encryption are security against adaptive attacks, fast encryption and decryption, ciphertext same length as plaintext, large plaintext space, and small memory size [»nishM12_2001]
Quote: performance testing of cryptographic algorithms written in optimized assembly code [»prenB12_1998]
Quote: CryptoLib is a portable and efficient library for public and private key encryption systems [»lacyJB10_1993]
Quote: a public-key encryption system based on Diophantine equations; a vector product to send, and several multiplications and modulus operations to receive [»linCH1_1995]
Quote: how to optimize RSA encryption and decryption; software often faster than hardware implementations [»wienMJ2_2000]

Subtopic: modular squaring up

Quote: fast public-key encryption based on modular squaring; secure against an adaptive chosen-ciphertext attack

Related Topics up

Topic: authentication (93 items)
Topic: digital signature (25 items)
Topic: encryption (45 items)
Topic: key distribution
(35 items)

Updated barberCB 6/05
Copyright © 2002-2008 by C. Bradford Barber. All rights reserved.
Thesa is a trademark of C. Bradford Barber.