An Implementation Suite for a Hybrid Public Key Infrastructure

Jason Chia*, Swee Huay Heng*, Ji Jian Chin, Syh Yuan Tan, Wei Chuen Yau

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

<jats:p>Public key infrastructure (PKI) plays a fundamental role in securing the infrastructure of the Internet through the certification of public keys used in asymmetric encryption. It is an industry standard used by both public and private entities that costs a lot of resources to maintain and secure. On the other hand, identity-based cryptography removes the need for certificates, which in turn lowers the cost. In this work, we present a practical implementation of a hybrid PKI that can issue new identity-based cryptographic keys for authentication purposes while bootstrapping trust with existing certificate authorities. We provide a set of utilities to generate and use such keys within the context of an identity-based environment as well as an external environment (i.e., without root trust to the private key generator). Key revocation is solved through our custom naming design which currently supports a few scenarios (e.g., expire by date, expire by year and valid for year). Our implementation offers a high degree of interoperability by incorporating X.509 standards into identity-based cryptography (IBC) compared to existing works on hybrid PKI–IBC systems. The utilities provided are minimalist and can be integrated with existing tools such as the Enterprise Java Bean Certified Authority (EJBCA).</jats:p>
Original languageEnglish
Pages (from-to)1535-1535
Number of pages0
JournalSymmetry
Volume13
Issue number8
DOIs
Publication statusE-pub ahead of print - 20 Aug 2021

Fingerprint

Dive into the research topics of 'An Implementation Suite for a Hybrid Public Key Infrastructure'. Together they form a unique fingerprint.

Cite this