Ravi Ganesan
- 1 Boyd, C. Digital Multisignatures, Cryptography and Coding. Clarendon Press, Oxford, 1989. H.J. Beker and F.C. Piper, Eds.]]Google Scholar
- 2 Denning, D. To tap or not to tap. Commun. ACM 36, 3 (Mar. 1993).]] Google ScholarDigital Library
- 3 Denning, D., and Branstad, D. A taxonomy for key-escrow encryption systems. Connmun. ACM 39, 3 (Mar. 1996).]] Google ScholarDigital Library
- 4 Ganesan, R. Yaksha: Augmenting Kerberos with public-key cryptography. In Proceedings of the Internet Society Symposium on Network and Distributed Systems Security, (Feb.) 1995.]] Google ScholarDigital Library
- 5 Ganesan, R., and Yacobi, Y. A secure joint signature and key exchange system. Bellcore TM-24531, Oct. 1994.]]Google Scholar
- 6 Kent, S. Privacy Enhancement for Internet Electronic Mail: Part II: Certificate Based Key Management, Internet RFC 1422, Feb. 1993.]] Google ScholarDigital Library
- 7 Needham, R.M., and Schroeder, M.D. Using encryption for authentication in large networks of computers. Commun. ACM 21, I2 (Dec. 1978).]] Google ScholarDigital Library
- 8 Neuman, B.C., and Ts'o, T. Kerberos: An authentication service for computer networks. IEEE Commun. (Sept. 1994).]]Google Scholar
- 9 Rivest, R., Shamir, A., and Adelman, L. On digital signatures and public-key cryptography. Commun. ACM 27, 7 (July 1978).]] Google ScholarDigital Library
- 10 Schneier, B. Applied Cuptography: Protocols, Algorithms and Source Code in C. Wiley, New York, 1994.]] Google ScholarDigital Library
Index Terms
- The Yaksha security system
Recommendations
Yaksha: augmenting Kerberos with public key cryptography
SNDSS '95: Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)The Kerberos authentication system is based on the trusted third-party Needham-Schroeder (1978) authentication protocol. The system is one of the few industry standards for authentication systems and its use is becoming fairly widespread. The system has ...
CCA Security and Trapdoor Functions via Key-Dependent-Message Security
AbstractWe study the relationship among public-key encryption (PKE) satisfying indistinguishability against chosen plaintext attacks (IND-CPA security), that against chosen ciphertext attacks (IND-CCA security), and trapdoor functions (TDF). Specifically, ...
Reviews
Judy Marian Myerson
The basic purpose of this paper is twofold. First, it shows that the Yaksha security system is a single security infrastructure that can provide multiple security functions, such as authentication, digital signature, and key exchange. Second, it describes how the system can be used for key escrow. It fulfills its purpose by presenting a summary of key design requirements and solutions for escrow problems. “Two commonly accepted requirements essentially define key escrow systems. The system should provide an authority [such as government or a corporate organization] the ability to access encrypted information without the cooperation of the participants. The backdoor inherent in the system should not be usable by an unauthorized third party.” After describing the general Yaksha system, the paper proceeds to a brief discussion of how three very different key escrow problems can be solved using the same Yaksha infrastructure. Telephony, email, and encrypted data storage are example applications. The best features of the paper are the note at the top of the first page explaining what the Yaksha security infrastructure is, and the first paragraph, on what Yakshas are in Hindu mythology. However, the paper fails to provide a sidebar on the first page to briefly explain that the Yaksha system is a variant of the RSA public-key cryptosystem. The references are adequate. Overall, the paper opens a door to further discussion on single security infrastructures .
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.
Comments