To all:

Here is a scheme for a central organization
distributing a trust anchor public key with rollover
requirement. The suggested acronym for this scheme is
TAKREM for Trust Anchor Key REnewal Method.

We use the notation #R[i]# for the public "root" public
key #R[i]#, with the private key counterpart #r[i]#.

The central organization establishes key pairs
#<r[0],R[0]>#, #<r[1],R[1]>#, #<r[2],R[2]>#, ...,
#<r[n],R[n]>#, allocating the pair #<r[0],R[0]># as the
initial private/public trusted key pair, and reserving
each key pairs #<r[i],R[i]># for the cryptoperiod
starting with the #i#'th root key renewal, for
#1<=i<=n#.

A separate MASH (Modular Arithmetic Secure Hash)
instance #H[i]# is created for each #R[i]#. MASH is
defined in International standard document ISO/IEC
10118-4:1998, "Information technology - Security
techniques - Hash-functions - Part 4: Hash-functions
using modular arithmetic."

That is, the central organization selects a large
composite modulus number #N[i]# used in the MASH round
function and a prime number #P[i]# used in the MASH
final reduction function.

Then, the central organization selects a random salt
field #s[i]#.

A hash computation gives a root key digest #D[i]# :
          #D[i]=H[i](s[i]|R[i]|N[i]|P[i])# .
The digest #D[i]# is like an advanced notice of future
trust anchor key #R[i]#.

The data tuple #<r[i],R[i],N[i],P[i],s[i]># is set
aside in dead storage.

The trust anchor key initial distribution is
          #R[0], D[1], D[2], ..., D[n]# .

Security rationale: with data tuple
#<r[i],R[i],N[i],P[i],s[i]># totally concealed until
the usage period for key pair #<r[i],R[i]>#, an
adversary is left with the digest #D[i]# from which it
is deemed impossible to mount a brute force attack.

A root key rollover is triggered by the following
message:
          #i,<R[i],N[i],P[i],s[i]># .

Upon receipt of this messsage, the end-user system
becomes in a position to validate the root key digest
#D[i]#.

More details are provided in
http://www.connotech.com/takrem.pdf.

Regards,

--

- Thierry Moreau

CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, Qc
Canada   H2M 2A1

Tel.: (514)385-5691
Fax:  (514)385-5900

web site: http://www.connotech.com
e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to