DOI: 10.1145/1363686.1364200
Research article

Offline count-limited certificates

Published: 16 March 2008

Abstract

In this paper, we present the idea of offline count-limited certificates (or clics for short), and show how these can be implemented using minimal trusted hardware functionality already widely available today. Offline count-limited certificates are digital certificates that: (1) specify usage conditions that depend on irreversible counters, and (2) are used in a protocol that guarantees that any attempt to use them in violation of these usage conditions will be detected even if the user of the certificate and the verifying party have no contact at all with the outside world at the time of the transaction. Such certificates enable many interesting applications not possible with traditional (unlimited use) certificates, including count-limited delegation and access, offline commerce and trading using cashlike migratable certificates, and others. We show how all these applications can be made possible by using only a simple trusted timestamping device (TTD), which can in turn be implemented using existing trusted hardware devices such as smartcards, and the Trusted Platform Module (TPM) chips embedded in PCs available today. Significantly, our solutions do not require trust in any other components in the host machines aside from the TTD itself; they remain tamper-evident as long as the TTD is not compromised, even if the entire host system, including the BIOS, CPU, OS and memory, is compromised. This not only provides better security by minimizing the required trusted computing base, but also makes implementation possible on present-day machines without requiring a particular kind of OS. We demonstrate all these ideas by implementing a prototype application that runs under both Linux and Windows, and presenting experimental performance results.
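As an added illustration (not code from the paper), the following is a simplified Python model of the idea in the abstract: a TTD holding an irreversible per-certificate counter stamps each use of a clic, and a verifier with no contact with the outside world rejects uses beyond the limit and replayed stamps. It assumes HMAC under pre-shared verification keys in place of the issuer's and the TTD's digital signatures, and a verifier-chosen nonce for freshness; the paper's actual protocol may differ in both respects.

```python
import hashlib, hmac, json, secrets

# Constructed, simplified model of an offline count-limited certificate (clic) whose
# uses are stamped by a trusted timestamping device (TTD). HMAC under keys shared
# with verifiers stands in for the issuer's and the TTD's digital signatures.

def _mac(key: bytes, body: dict) -> str:
    return hmac.new(key, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()

def _valid(key: bytes, signed: dict) -> bool:
    return hmac.compare_digest(signed["mac"], _mac(key, {k: v for k, v in signed.items() if k != "mac"}))

class TTD:
    """One irreversible (monotonic) counter per certificate id; the host never sees the key."""
    def __init__(self, key: bytes):
        self._key, self._counters = key, {}

    def stamp(self, cert_id: str, nonce: str) -> dict:
        self._counters[cert_id] = self._counters.get(cert_id, 0) + 1   # only ever increments
        body = {"cert_id": cert_id, "count": self._counters[cert_id], "nonce": nonce}
        return {**body, "mac": _mac(self._key, body)}

def issue_clic(issuer_key: bytes, cert_id: str, max_uses: int) -> dict:
    body = {"cert_id": cert_id, "max_uses": max_uses}
    return {**body, "mac": _mac(issuer_key, body)}

def verify_use(clic: dict, stamp: dict, nonce: str, issuer_key: bytes, ttd_key: bytes) -> str:
    """Offline check by the verifying party: it needs only the two verification keys."""
    if not _valid(issuer_key, clic):
        return "bad certificate signature"
    if not _valid(ttd_key, stamp) or stamp["cert_id"] != clic["cert_id"]:
        return "bad TTD stamp"
    if stamp["nonce"] != nonce:
        return "replayed stamp"          # not produced for this transaction's challenge
    if stamp["count"] > clic["max_uses"]:
        return "usage limit exceeded"    # the counter cannot be rolled back to hide this
    return "ok"

def demo() -> list:
    issuer_key, ttd_key = secrets.token_bytes(32), secrets.token_bytes(32)
    ttd, clic = TTD(ttd_key), issue_clic(issuer_key, "cert-42", max_uses=2)
    results, stamps = [], []
    for _ in range(3):                   # the third use exceeds max_uses
        nonce = secrets.token_hex(8)     # verifier's per-transaction challenge
        stamps.append(ttd.stamp("cert-42", nonce))
        results.append(verify_use(clic, stamps[-1], nonce, issuer_key, ttd_key))
    # presenting the first (valid) stamp again, against a fresh challenge, is caught too
    results.append(verify_use(clic, stamps[0], secrets.token_hex(8), issuer_key, ttd_key))
    return results
```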


Cited By

  • (2022) Revisiting the Power of Non-Equivocation in Distributed Protocols. Proceedings of the 2022 ACM Symposium on Principles of Distributed Computing, pp. 450-459. DOI: 10.1145/3519270.3538427. Online publication date: 20 Jul 2022.

Published In

SAC '08: Proceedings of the 2008 ACM symposium on Applied computing
March 2008
2586 pages
ISBN:9781595937537
DOI:10.1145/1363686

Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

  1. authentication
  2. offline payments
  3. smartcards
  4. trusted platform module (TPM)

Qualifiers

  • Research-article

Conference

SAC '08: The 2008 ACM Symposium on Applied Computing
March 16 - 20, 2008
Fortaleza, Ceara, Brazil

Acceptance Rates

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%
