Hurdles with Implicit Certificates


Abstract

A short introduction into implicit certificate schemes is provided.  Qu discovered an attack on the composition of an implicit certificate scheme known as optimal mail certificates (OMC) and ECDSA. This attack is an undetectable forgery by a passive adversary that requires no interaction with a signer or the certificate authority.  We highlight where the attack fails when the OMC-scheme is replaced by the elliptic curve Qu-Vanstone (ECQV) certificate scheme.  We indicate a proof of security against a passive adversary of ECQV combined with ECDSA under the generic group and random oracle model.  The talk will end with some real world application and uses of implicit certificate schemes.

Speaker Bio  Matthew Campagna, Certicom

Matthew Campagna is the Director of Certicom Research for Advanced Technology at BlackBerry(BBRY).  Matthew has conducted and managed research into elliptic curve cryptography and its standardization for Certicom and, subsequent to its acquisition, for BlackBerry.  Matthew has specialized on development of efficient implementation and the development of new cryptographic primitives using elliptic curve cryptography suitable for emerging and embedded platforms.

Prior to joining Certicom, Matthew managed the Secure Systems research group at Pitney Bowes. In addition to managing Matthew functioned as the company’s lead cryptographic researcher.  Matthew’s focus was on developing, engineering and deploying efficient public key systems for low cost and low computing power devices communicating over restricted communication channels. Matthew worked for the United States’ National Security Agency (NSA) as a senior cryptologic mathematician focused on symmetric key cryptologic design and commercial cryptography.  He holds a Ph.D. in mathematics from Wesleyan University in group theory, and a bachelor’s degree in mathematics and economics from Fordham University.

Comment