An Identity and Certificate Manager
Author(s)
Wu, Brian C
DownloadFull printable version (15.42Mb)
Alternative title
ICM
Other Contributors
Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.
Advisor
Roger Khazan and Joseph Cooley.
Terms of use
Metadata
Show full item recordAbstract
We have designed and implemented a software library, called Identity and Certificate Manager (ICM), for managing, using, and exchanging application-level usernames, users' digital certificates, and cryptographic username-certificate bindings. ICM can be used in a variety of personal communication applications, such as chat, email, VoIP telephony, and web browsing. As part of ICM, we designed and implemented a communication-efficient protocol, called Identity and Certificate Exchange (ICE), for exchanging certificates, usernames, and bindings within applications. The protocol avoids sending redundant information by remembering what information has been sent to whom; this feature is critical in low-bandwidth networks. The protocol also implements a robust fail-over mechanism for handling out-of-sync situations. To illustrate the benefits of ICM and ICE, we used ICM in a plugin for a popular chat-client, called Pidgin. The plugin allows users to engage in authenticated communication over any of the chat protocols supported by Pidgin, such as Jabber and Oscar (AIM). The plugin relies on ICE to provide assurances about users' identities and to efficiently disseminate users' certificates.
Description
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007. Includes bibliographical references (p. 97-98).
Date issued
2007Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer SciencePublisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.