16th Annual Computer Security Applications Conference
December 11-15, 2000
New Orleans, Louisiana

Introducing Decryption Authority into PKI

Feng Bao
Kent Ridge Digital Labs

It is well known that the CA plays the central role in PKI. In this paper, we introduce a new component into PKI, the DA (decryption authority), which decrypts important and sensitive messages for clients under certain conditions. A PKI with a DA provides solutions to many security problems in e-commerce and on-line transactions. If we consider that public key cryptography provides both digital signature and asymmetric encryption technologies, the DA completes PKI by adding the missing half of that functionality. More importantly, the DA can greatly increase PKI implementation service revenue. In this paper, we describe the application background and technical principle of the DA, give a general explanation of how the DA serves clients, and review some relevant research work. We believe that a PKI with a DA has great potential to lead to a killer product for e-commerce security.

