Classifying Public Key Certificates

  • Javier Lopez
  • Rolf Oppliger
  • Günther Pernul
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3545)


In spite of the fact that there are several companies that (try to) sell public key certificates, there is still no unified or standardized classification scheme that can be used to compare and put into perspective the various offerings. In this paper, we try to start filling this gap and propose a four-dimensional scheme that can be used to uniformly describe and classify public key certificates. The scheme distinguishes between (i) who owns a certificate, (ii) how the certificate owner is registered, (iii) on what medium the certificate (or the private key, respectively) is stored, and (iv) what type of functionality the certificate is intended to be used for. We think that using these or similar criteria to define and come up with unified or even standardized classes of public key certificate is useful and urgently needed in practice.


Natural Person Legal Entity Hardware Device Transport Layer Security Software Publisher 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Anderson, R., Kuhn, M.: Tamper Resistance — A Cautionary Note. In: Proceedings of the 2nd USENIX Workshop on Electronic Commerce, pp. 1–11 (November 1996)Google Scholar
  2. 2.
    Anderson, R., Kuhn, M.: Low Cost Attacks on Tamper Resistant Devices. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 125–136. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  3. 3.
    Anderson, R.: Why Cryptosystems Fail. Communications of the ACM 37(11), 32–40 (1994)CrossRefGoogle Scholar
  4. 4.
    Boneh, D., DeMillo, R., Lipton, R.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  5. 5.
    Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)Google Scholar
  6. 6.
    Chokhani, S., et al.: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework, RFC 3647 (November 2003)Google Scholar
  7. 7.
    Diffie, W., Hellman, M.E.: New Directions in Cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)Google Scholar
  8. 8.
    Garfinkel, S.L.: Email-Based Identification and Authentication: An Alternative to PKI? IEEE Security & Privacy 1(6), 20–26 (2003)CrossRefGoogle Scholar
  9. 9.
    ISO/IEC 7498-2, Information Processing Systems—Open Systems Interconnection Reference Model—Part 2: Security Architecture (1989)Google Scholar
  10. 10.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  11. 11.
    Kocher, P.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  12. 12.
    Lopez, J., Oppliger, R., Pernul, G.: Why have public key infrastructures failed so far? work in progressGoogle Scholar
  13. 13.
    Oppliger, R.: Security Technologies for the World Wide Web, 2nd edn. Artech House Publishers, Norwood (2003)Google Scholar
  14. 14.
    Oppliger, R.: Contemporary Cryptography. Artech House Publishers, Norwood (2005)zbMATHGoogle Scholar
  15. 15.
    Oppliger, R.: Server-based Signatures: A Different Approach. work in progressGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Javier Lopez
    • 1
  • Rolf Oppliger
    • 2
  • Günther Pernul
    • 3
  1. 1.Computer Science Dept.University of MalagaMalagaSpain
  2. 2.eSECURITY TechnologiesGümligenSwitzerland
  3. 3.University of RegensburgGermany

Personalised recommendations