Bridge certification authorities: connecting B2B public key infrastructure with PAK and zero-knowledge proof

2 Author(s)

Businesses are deploying Public Key Infrastructures (PKIs) to support internal business processes, implement virtual private networks, and secure corporate assets. The ability to establish business relations securely, both inside the company and with other companies, is important for the operability of business in today's world; corporate PKIs may implement different architectures, security policies, and cryptographic suites in order to accomplish this goal. But communication beyond the PKI is established with other companies on the basis of a trust relationship (B2B), which brings with it the vulnerabilities of the different companies' PKIs. A flexible mechanism is needed to link these corporate PKIs and to translate corporate relationships into security mechanisms and policies. This is accomplished through a Password Authentication Protocol (PAK), which provides a means to authenticate or validate users across Bridge Certification Authorities (BCAs), where certificate authorities (CAs) are limited and cannot reach over to the other side of the BCA. In this way, PAK can guarantee authentication of end points without modifying the companies' original PKI structure, and it offers flexibility in the implementation process. In addition, several other issues must be solved, such as the ability to connect different company PKIs without compromising any sensitive information that might cause a conflict of commercial interests, while still guaranteeing a certain level of security through accreditation and validation of the parties, in order to be certain with whom we are doing business.
In order to achieve accreditation and validation of PKIs without exposing any sensitive information that could compromise either party, we also based our work on a zero-knowledge security protocol, letting each PKI continue with its own security policies without having to adjust to specific needs, and achieving a better security level for commercial transactions through this hardening process.

Published in:

Information Assurance Workshop, 2003. IEEE Systems, Man and Cybernetics Society

Date of Conference:

18-20 June 2003