From: Ronald T. <ron...@ia...> - 2010-10-20 12:41:07
Hello,

On 10/20/2010 02:24 PM, FADY FADY wrote:
> Dear Ronald
> Thank you for your response
>
> My Question is
> If we have two entities 1 and 2 with Keys AIK1 and AIK2 respectively
> can entity 1 sign by AIK1private then encrypt by AIK2public
> so entity 2 decrypt by AIK2private then by AIK1public?

This cannot be done, because AIKs can only sign but not encrypt.

> If this cannot be done, can we make two binding keys where their
> parents are AIK1 and AIK2 respectively, and do by these binding keys
> what we try to do by AIKs in the first question?

Yes. You can implement the scheme presented in
"Securing the Distribution and Storage of Secrets with Trusted Platform Modules"
by Paul E. Sevinç, Mario Strasser and David Basin.
http://www.springerlink.com/content/b77jr665x9122q16/

Depending on your use case, you might want to modify it according to
"Formal Analysis of a TPM-Based Secrets Distribution and Storage Scheme"
by Toegl, R.; Hofferek, G.; Greimel, K.; Leung, A.; Phan, R.C.-W.; Bloem, R.;
http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4709329&tag=1

Have fun,
Ronald

--
Dipl.-Ing. Ronald Tögl            phone +43 316/873-5502
Secure and Correct Systems        fax +43 316/873-5520
IAIK                              ron...@ia...
Graz University of Technology     http://www.iaik.tugraz.at