[ Last changed: 17th May 1995 ]
Security Group Seminar, 2nd May 1995
- Speaker:
- Bruce Christianson, University of Hertfordshire
- Date:
- Tuesday 2nd May 4.15pm
- Place:
- Room TP4, Computer Laboratory
- Title:
- NESTED SIGNATURES
Public key cryptosystems allow in theory the development of
theft-proof capabilities which can be held in user space, passed
across untrusted networks, and used without on-line authentication of
the presenter, but which cannot be stolen and used successfully by an
imposter, even with the collusion of certification authorities.
However, achieving this efficiently makes it desirable to refer to
electronic instruments by their signatures rather than including
complete texts. We discuss some key-spoofing attacks on theft-proof
capabilities constructed using RSA and possible countermeasures. We
conclude that PKCs would be more useful if their signature depended
strongly on the public key of the certification authority.
Security Group Seminar, 2nd May 1995 / Mark.Lomas@cl.cam.ac.uk