Browse by author
Lookup NU author(s): Dr Syh Yuan TanORCiD
This work is licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0).
Public key infrastructure (PKI) plays a fundamental role in securing the infrastructure of the Internet through the certification of public keys used in asymmetric encryption. It is an industry standard used by both public and private entities that costs a lot of resources to maintain and secure. On the other hand, identity-based cryptography removes the need for certificates, which in turn lowers the cost. In this work, we present a practical implementation of a hybrid PKI that can issue new identity-based cryptographic keys for authentication purposes while bootstrapping trust with existing certificate authorities. We provide a set of utilities to generate and use such keys within the context of an identity-based environment as well as an external environment (i.e., without root trust to the private key generator). Key revocation is solved through our custom naming design which currently supports a few scenarios (e.g., expire by date, expire by year and valid for year). Our implementation offers a high degree of interoperability by incorporating X.509 standards into identity-based cryptography (IBC) compared to existing works on hybrid PKI–IBC systems. The utilities provided are minimalist and can be integrated with existing tools such as the Enterprise Java Bean Certified Authority (EJBCA).
Author(s): Chia J, Heng SH, Chin JJ, Tan SY, Yau WC
Publication type: Article
Publication status: Published
Journal: Symmetry
Year: 2021
Volume: 13
Issue: 8
Online publication date: 20/08/2021
Acceptance date: 17/08/2021
Date deposited: 22/12/2022
ISSN (electronic): 2073-8994
Publisher: MDPI
URL: https://doi.org/10.3390/sym13081535
DOI: 10.3390/sym13081535
Altmetrics provided by Altmetric
