Information Security and Cryptography Research Group

Reasoning about Public-key Certification — on Bindings Between Entities and Public Keys

Reto Kohlas and Ueli Maurer

Proceedings of Financial Cryptography — FC '99, Lecture Notes in Computer Science, Springer-Verlag, vol. 1648, pp. 86–103, Feb 1999.

Public-key certification is of crucial importance for advancing the global information infrastructure, yet it suffers from certain ambiguities and lack of understanding and precision. This paper suggests a few steps towards basing public-key certification and public-key infrastructures on firmer theoretical grounds. In particular, we investigate the notion of binding a public to an entity. We propose a calculus for deriving conclusions from a given entity Alice's (for instance a judge's) view consisting of evidence and inference rules valid in Alice's world. The evidence consists of statements made by public keys (e.g., certificates, authorizations, or recommendations), statements made physically towards Alice by other entities, and trust assumptions. Conclusions are about who says a statement, who owns or is committed to a public key, and who transfers a right or authorization to another entity, and are derived by applying the inference rules.

BibTeX Citation

    author       = {Reto Kohlas and Ueli Maurer},
    title        = {Reasoning about Public-key Certification --- on Bindings Between Entities and Public Keys},
    editor       = {Matthew Franklin},
    booktitle    = {Proceedings of Financial Cryptography --- FC~'99},
    pages        = {86--103},
    series       = {Lecture Notes in Computer Science},
    volume       = {1648},
    year         = {1999},
    month        = {2},
    publisher    = {Springer-Verlag},

Files and Links