A New Digital Signature and Certificate Architecture with Shortest Certification Path

The existing certificate architecture has two problems in terms of security and authentication. One is that there exists some possibility of certificate forgery by exploiting the collision problem associated with the hash algorithm used for signing. The other is that certification path complicates user authentication because it increases according to the distance between communicating users. In this paper we propose a new digital signature scheme and certificate architecture that solve the problems. It is achieved by using two-public key cryptography and a new certificate architecture. The proposed approach can be used without reconstructing the structure of the existing PKI system and always allows a certification path whose length is 1 regardless of the distance between the users. This is because each user confirms only the digital signature of root CA in the combined hierarchical-network infrastructure.