Please use this identifier to cite or link to this item:

Security analysis of public key certificate issuance protocols over Internet and wireless networks

Authors Ip, Epsilon Kin Fai
Issue Date 2000
Summary Since the early 1990s public-key certificate issuance has involved verifying users' identities and public keys over a separate-and presumably secure-channel, such as in person or over the phone. However, in some cases it is not practical to mandate users to obtain certificates in person. Hence a means to issue certificates over insecure networks (e.g. Internet) is required. More recently, the market expectation of mobile commerce raises the issue of certificate issuance over wireless networks. The WAP Forum has defined a WAP PKI specification and the registration protocol is also a certificate issuance protocol. We describe the security concerns of protocols for public-key certificate issuance. We motivate and describe the protocols that have appeared in drafts of the SET specification and the WAP specification. In addition, we define a methodology on the exact engineering analysis of such protocols, based on the given cryptographic primitives such as public key encryption and signature schemes, shared key encryption schemes, random number generation and message authentication code schemes.
Note Thesis (M.Phil.)--Hong Kong University of Science and Technology, 2000
Language English
Format Thesis
Access View full-text via DOI
Files in this item:
File Description Size Format
th_redirect.html 337 B HTML
Copyrighted to the author. Reproduction is prohibited without the author’s prior written consent.