Abstract
The work that we’re going to talk about today is close to the work that I talked about here last year, PKI ad hoc networks. But you know ad hoc networks are useless because you can’t see any properties of truly ad hoc networks, so you have to assume some kind of properties of these nodes if you are ever to do anything with them at all.
So, the PKI is by nature ad hoc, but we think that we made a little bit of an advance on the certificate based route where no-one can construe the status by a certificate. You’ll see how this works later on, but the certificate is signed by the group key. That of course begs the question about this infrastructure environment and how you’re going to sign the key. You all know the limitations of systems that have a single sign: it’s a single point of failure, it does all the things you have problems with in a secure environment, you get a bottleneck, it’s also that single point compromise that you had at the top of the X509 issue. Either you instil complexity into it, or you instil multiple points of compromise. If one person is bad, depending on the scheme, that can make Bad Things Happen. At the very least they may be able to deny a service, but having multiple signing can create a problem property too. With threshold schemes you have the difficulty that maybe it can change in this environment. We think there’s a better way, based not on threshold schemes but on dual access structures. The idea is that a threshold scheme and an access structure have a relationship, and that actually the set of access structures for threshold schemes is a pretty important set of structures that helps you understand how they work. Instead of having a single signer you have a single signing key, and you have to have people that are your key signers that collaborate to be able to sign that key in the group. If this is a two of five scheme, then two of the people who are of the qualified set would have to agree to sign that certificate.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yasinsac, A. (2005). Protocols for Supporting a Public Key Infrastructure in Ad Hoc Networks. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2003. Lecture Notes in Computer Science, vol 3364. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11542322_34
Download citation
DOI: https://doi.org/10.1007/11542322_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28389-8
Online ISBN: 978-3-540-31836-1
eBook Packages: Computer ScienceComputer Science (R0)