Entry Date:
May 5, 2002

Self-Delegation with Controlled Propagation


Self-Delegation with Controlled Propagation introduces delegation schemes wherein a user may delegate rights to himself,
i.e., to other public keys he owns, but may not safely delegate those rights to others, i.e., to their public keys. In the motivating application, a user has a primary (long-term) key that receives rights, such as access privileges, that may not be delegated to others, yet the user may reasonably wish to delegate these rights to new secondary (short-term) keys he creates to use on his laptop when traveling, to avoid having to store his primary secret key on the vulnerable laptop. We propose several cryptographic schemes, both generic and practical, that allow such self-delegation while providing strong motivation for the user not to delegate rights that he only obtained for personal use to other parties.