The\Omega Key Management Service

The\Omega Key Management Service (1996)

Cached

Download Links

[www.research.att.com]

by Michael K. Reiter , Matthew K. Franklin , John B. Lacy , Rebecca N. Wright

Citations:

1 - 1 self

BibTeX

@MISC{Reiter96the\omegakey,
    author = {Michael K. Reiter and Matthew K. Franklin and John B. Lacy and Rebecca N. Wright},
    title = {The\Omega Key Management Service},
    year = {1996}
}

Bookmark

OpenURL

Abstract

In this paper we introduce \Omega\Gamma a distributed public key management service for open networks.\Omega offers interfaces by which clients can register, retrieve, and revoke public keys, and escrow, use (to decrypt messages), and recover private keys, all of which can be subjected to access control policy. \Omega is built using multiple servers in a way that ensures its correct operation despite the malicious corruption of fewer than one-third of its component servers. We describe the design of \Omega\Gamma the protocols underlying its operation, performance in our present implementation, and an experimental application of the service. 1 Introduction Key management remains the primary obstacle to the wide-scale use of cryptography. While numerous approaches to key management have been proposed for specific application domains, in our opinion few exhibit sufficient power and flexibility to support the full range of applications emerging today. Solutions relying on an off-line cert...

Citations

2507	A method for obtaining digital signatures and public-key cryptosystems - Rivest, Shamir, et al.
961	A public key cryptosystem and a signature scheme based on discrete logarithms - ElGamal - 1985
716	Implementing fault-tolerant services using the state machine approach: a tutorial - Schneider - 1990
403	Authentication in distributed systems: Theory and practice - Lampson, Abadi, et al. - 1992
326	Kerberos: An authentication service for computer networks - Neuman, Ts’o - 1994
325	The MD4 message digest algorithm - RIVEST - 1991
162	Secure agreement protocols: Reliable and atomic group multicast in Rampart - Reiter - 1994
135	The Rampart Toolkit for building high-integrity services - Reiter - 1995
125	signatures for untraceable payments - Blind - 1982
98	Shared generation of authenticators and signatures - Desmedt, Frankel - 1992
81	The Digital distributed system security architecture - Gasser, Goldstein, et al. - 1989
72	Intrusion tolerance in distributed computing systems - Deswarte, Blain, et al. - 1991
66	How to share a function securely - Santis, Desmedt, et al. - 1994
61	Distributed provers with applications to undeniable signatures - Pedersen - 1991
60	SPX : Global authentication using public key certificates - J, ALAGAPPAN - 1991
59	Internet privacy enhanced mail - Kent - 1993
47	Increasing availability and security of an authentication service - Gong - 1993
45	Digital multisignatures - Boyd - 1989
43	How to make replicated data secure - Herlihy, Tygar - 1987
41	How to securely replicate services - Reiter, Birman - 1994
30	Renesse. A security architecture for fault-tolerant systems - Reiter, Birman, et al. - 1994
24	Yaksha: Augmenting Kerberos with public key cryptography - GANESAN - 1995
13	public-key cryptosystems - Fair - 1993
11	Fair cryptosystems revisited - Kilian, Leighton - 1995
8	SESAME V2 public key and authorisation extensions to Kerberos - MCMAHON - 1995
5	Key distribution without individual trusted authentication servers - Chen, Gollmann, et al. - 1995
4	Escrowed encryption systems visited: Threats, attacks, analysis and designs - Frankel, Yung - 1995
3	SSL94] The SSL Protocol (Internet Draft - Hickman - 1994
2	CryptoLib: Cryptographyin software - Lacy, Mitchell, et al. - 1993
1	Adaptive chosen ciphertext security for RSA from Guillou-Quisquater signatures - Franklin, Reiter - 1995