12th USENIX Security Symposium Abstract
Pp. 215-230 of the Proceedings
Domain-Based Administration of Identity-Based Cryptosystems for Secure Email and IPSEC
D. K. Smetters and Glenn Durfee, Palo Alto Research Center
Effective widespread deployment of cryptographic technologies such
as secure email and IPsec has been hampered by the difficulties
involved in establishing a large scale public key infrastructure, or
PKI. Identity-based cryptography (IBC) can be used to ameliorate
some of this problem. However, current approaches to using IBC for
email or IPsec require a global, trusted key distribution center.
In this paper, we present DNSIBC, a system that captures many of the
advantages of using IBC, without requiring a global trust
infrastructure. The resulting system can be configured to require
almost no user intervention to secure both email and IP-based
network traffic. We have built a preliminary implementation of
this system in Linux.
- View the full text of this paper in HTML and
Until August 2004, you will need your USENIX membership identification in order to access the full papers. The Proceedings are published as a collective work, © 2003 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.