Eliminating Counterevidence with Applications to Accountable Certificate Management

This paper presents a method to increase the accountability of certificate management by making it intractable for the certification authority (CA) to create contradictory statements about the validity of a certificate. The core of the method is a new primitive, the undeniable attester, which allows a party to commit to some set S of bitstrings by publishing a short digest of S and to give, for any x, an attestation that x is or is not a member of S. Such an attestation is verified by obtaining the published digest in an authenticated way and applying a verification algorithm to the triple of the bitstring, the attestation and the digest. The most important feature of this primitive is the intractability of creating two contradictory proofs for the same candidate element x and digest. We give an efficient construction for undeniable attesters based on authenticated search trees. We show that the construction also applies to sets of more structured elements. We also show that undeniable attesters exist if and only if collision-resistant hash functions exist.
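The following sketch is an added example, not code from the paper: it illustrates an attester built on an authenticated binary search tree, where the attestation is the search path and the verifier itself chooses each branch from the key ordering. The names build, attest and verify, the use of SHA-256, the all-zero empty-subtree marker and the serial numbers are assumptions made for illustration.

```python
import hashlib

EMPTY = b"\x00" * 32  # assumed marker for an empty subtree

def node_hash(left, key, right):
    # Length-prefix the key so the (left, key, right) encoding is unambiguous.
    data = left + len(key).to_bytes(4, "big") + key + right
    return hashlib.sha256(data).digest()

def build(keys):
    """Sorted unique keys -> (digest, tree); tree = (lt, key, rt, lh, rh)."""
    if not keys:
        return EMPTY, None
    mid = len(keys) // 2
    lh, lt = build(keys[:mid])
    rh, rt = build(keys[mid + 1:])
    return node_hash(lh, keys[mid], rh), (lt, keys[mid], rt, lh, rh)

def attest(tree, x):
    """Search path for x, root first, as (left_hash, key, right_hash) triples."""
    path = []
    while tree is not None:
        lt, key, rt, lh, rh = tree
        path.append((lh, key, rh))
        if x == key:
            break
        tree = lt if x < key else rt
    return path

def verify(x, path, digest):
    """True = member, False = non-member, None = attestation rejected."""
    expected = digest
    for i, (lh, key, rh) in enumerate(path):
        if node_hash(lh, key, rh) != expected:
            return None  # node does not match the hash committed above it
        if x == key:
            return True if i == len(path) - 1 else None
        # The verifier, not the prover, picks the branch from the ordering.
        expected = lh if x < key else rh
    # Non-membership holds only if the search ran into an empty subtree.
    return False if expected == EMPTY else None

# Constructed sample set: serial numbers of valid certificates.
SERIALS = sorted([b"serial-1001", b"serial-1002", b"serial-1007",
                  b"serial-1010", b"serial-1042"])
DIGEST, TREE = build(SERIALS)

if __name__ == "__main__":
    for s in (b"serial-1007", b"serial-1008"):
        print(s, verify(s, attest(TREE, s), DIGEST))
```

Because every step of the path is bound to the digest by the hash and the branch is fixed by comparing x with the node key, a path that is truncated or borrowed from another element is rejected instead of yielding the opposite answer.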
