On reduction of bootstrapping information using digital multisignature

Abstract

The bootstrapping of security mechanisms for large-scale information systems is an important and critical exercise. Several Trusted Third Parties (TTPs) are being setup world wide for establishing authenticity. They primarily use Hardware Security Module (HSM), tamper proof device, for signing the user's certificates. In order to have Disaster Recovery Process (DRP) in place, cloning of these bootstrapping tamper proof HSMs is desirable. For this, one needs to have a set of effective protocols such that any certificate issued by the original or by the cloned HSM can be distinguished and any misuse be avoided. In this work, we present a set of protocols, which are enhancements to the existing scheme proposed in [1], by incorporating digital multisignature so that the bootstrapping information size and the cost of certificate verification is reduced. © Springer-Verlag 2004.