An Identity and Certificate Manager

Author(s)

Wu, Brian C

Alternative title

ICM

Other Contributors

Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.

Advisor

Roger Khazan and Joseph Cooley.

Abstract

We have designed and implemented a software library, called Identity and Certificate Manager (ICM), for managing, using, and exchanging application-level usernames, users' digital certificates, and cryptographic username-certificate bindings. ICM can be used in a variety of personal communication applications, such as chat, email, VoIP telephony, and web browsing. As part of ICM, we designed and implemented a communication-efficient protocol, called Identity and Certificate Exchange (ICE), for exchanging certificates, usernames, and bindings within applications. The protocol avoids sending redundant information by remembering what information has been sent to whom; this feature is critical in low-bandwidth networks. The protocol also implements a robust fail-over mechanism for handling out-of-sync situations. To illustrate the benefits of ICM and ICE, we used ICM in a plugin for a popular chat-client, called Pidgin. The plugin allows users to engage in authenticated communication over any of the chat protocols supported by Pidgin, such as Jabber and Oscar (AIM). The plugin relies on ICE to provide assurances about users' identities and to efficiently disseminate users' certificates.

Description

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.
Includes bibliographical references (p. 97-98).

Date issued

2007

URI

http://hdl.handle.net/1721.1/46461

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.