Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Use of ID-Based Cryptography for the Efficient Verification of the Integrity and Authenticity of Web Resources

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2009)

  • 693 Accesses

Abstract

As the amount of information resources on the Web keeps increasing so are the concerns for information integrity, confidentiality and authenticity. In Web 2.0 users are producers as well as consumers of content and metadata, which makes guaranteeing the authenticity and integrity of information critical. The scale of the Web requires that any proposals in this direction require minimal (if any) infrastructural or administrative changes. This paper proposes the use of ID-based cryptography (IBC) to address requirements for integrity and authenticity of Web resources using either the URL/URI of a resource or the DNS name part of if. This approach presents certain challenges, which are discussed along with the pros and cons of different designs and implementations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  2. Boneh, D., Ding, X., Tsudik, G., Wong, M., Wong, M.: Method for Fast Revocation of Public Key Certificates and Security Capabilities. In: 10th USENIX Security Symposium, pp. 297–308 (2001)

    Google Scholar 

  3. Boneh, D., Ding, X., Tsudik: Identity-Based Mediated RSA. In: Proceedings of 3rd International Workshop on Information and Security Applications, WISA 2002 (2002)

    Google Scholar 

  4. Crampton, J., Lim, H.W., Paterson, K.G.: What can identity-based cryptography offer to web services? In: Proceedings of the 2007 ACM Workshop on Secure Web Services, pp. 26–36. ACM, New York (2007)

    Chapter  Google Scholar 

  5. Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: DNS Security Introduction and Requirements. IETF draft: draft-ietf-dnsext-dnssec-intro-13, October 10 (2004)

    Google Scholar 

  6. Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  7. Horwitz, J., Lynn, B.: Toward hierarchical identity-based encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 466–481. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  8. Jones, J.P., Berger, D.F., Ravishankar, C.V.: Layering public key distribution over secure DNS using authenticated delegation. In: 21st Annual Computer Security Applications Conference (2005)

    Google Scholar 

  9. Metz, C., Bsales, J.: Five Ideas That Will Reinvent Modern Computing. PC Magazine (2007)

    Google Scholar 

  10. O’Reilly, T.: What Is Web 2.0. Design Patterns and Business Models for the Next Generation of Software. O’Reilly, Sebastopol (2005)

    Google Scholar 

  11. PARC (Palo Alto Research Center). Content-Centric Networking: PARC’s Strategy for Pioneering a Self-Organizing Network That Meets Information Needs. Media Backgrounder (2006), http://www.parc.com/content/newsroom/CCN_backgrounder.pdf

  12. Paterson, K.G., Price, G.: A comparison between traditional public key infrastructures and identity-based cryptography. Information Security Technical Report, vol. 8(3), pp. 57–72 (July 2003)

    Google Scholar 

  13. Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)

    Chapter  Google Scholar 

  14. Eastlake, D., Reagle, J., Solo, D., Hirsch, F., Roessler, T.: XMLDsig - XML Signature Syntax and Processing, 2nd edn. W3C Recommendation (2008), http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/

  15. RFC2807. XML Signature Requirements. IETF (July 2000), http://www.ietf.org/rfc/rfc2807.txt

  16. RFC3986. Uniform Resource Identifier (URI): Generic Syntax. IETF (January 2005), http://www.ietf.org/rfc/rfc3986.txt

  17. Smetters, D.K., Durfee, G.: Domain-Based Administration of Identity-Based Cryptosystems for Secure Email and IPsec. In: Proceedings of 12th USENIX Security Symposium, pp. 215–229 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Southampton, UK

    Thanassis Tiropanis

  2. Athens Information Technology, Greece

    Tassos Dimitriou

Authors
  1. Thanassis Tiropanis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tassos Dimitriou
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Electrical Engineering and Computer Science, Robert R. McCormick School of Engineering and Application Science, Northwestern University, 2145 Sheridian Road, 60208-3118, Evanston, IL, USA

    Yan Chen

  2. Athens Information Technology, Markopoulo Ave., GR-19002, Peania, Greece

    Tassos D. Dimitriou

  3. Institute for Infocomm Research, 1 Fusionopolis Way, 21-01 Connexis, South Tower, 138632, Singapore

    Jianying Zhou

Rights and permissions

Reprints and permissions

Copyright information

© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Tiropanis, T., Dimitriou, T. (2009). Use of ID-Based Cryptography for the Efficient Verification of the Integrity and Authenticity of Web Resources. In: Chen, Y., Dimitriou, T.D., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 19. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05284-2_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-05284-2_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-05283-5

  • Online ISBN: 978-3-642-05284-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation