{Domain-Based} Administration of {Identity-Based} Cryptosystems for Secure Email and {IPSEC}

D. K. Smetters; Glenn Durfee

Domain-Based Administration of Identity-Based Cryptosystems for Secure Email and IPSEC

Effective widespread deployment of cryptographic technologies such as secure email and IPsec has been hampered by the difficulties involved in establishing a large scale public key infrastructure, or PKI. Identity-based cryptography (IBC) can be used to ameliorate some of this problem. However, current approaches to using IBC for email or IPsec require a global, trusted key distribution center. In this paper, we present DNSIBC, a system that captures many of the advantages of using IBC, without requiring a global trust infrastructure. The resulting system can be configured to require almost no user intervention to secure both email and IP-based network traffic. We have built a preliminary implementation of this system in Linux.

D. K. Smetters, Palo Alto Research Center

Glenn Durfee, Palo Alto Research Center

BibTeX

@inproceedings {270155,
author = {D. K. Smetters and Glenn Durfee},
title = {{Domain-Based} Administration of {Identity-Based} Cryptosystems for Secure Email and {IPSEC}},
booktitle = {12th USENIX Security Symposium (USENIX Security 03)},
year = {2003},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/12th-usenix-security-symposium/domain-based-administration-identity-based-cryptosystems},
publisher = {USENIX Association},
month = aug
}

Download

Links

Paper:

http://www.usenix.org/events/sec03/tech/full_papers/smetters/smetters.pdf

Paper (HTML):

http://www.usenix.org/events/sec03/tech/full_papers/smetters/smetters_html/index.html

USENIX Conference Policies

Domain-Based Administration of Identity-Based Cryptosystems for Secure Email and IPSEC

D. K. Smetters, Palo Alto Research Center

Glenn Durfee, Palo Alto Research Center

Links