Paper 1997/012

Self-Delegation with Controlled Propagation - or - What If You Lose Your Laptop.

Oded Goldreich, Birgit Pfitzmann, and Ronald L. Rivest


We introduce delegation schemes wherein a user may delegate rights to himself, i.e., to other public keys he owns, but may not safely delegate those rights to others, i.e., to their public keys. In our motivating application, a user has a primary (long-term) key that receives rights, such as access privileges, that may not be delegated to others, yet the user may reasonably wish to delegate these rights to new secondary (short-term) keys he creates to use on his laptop when traveling, to avoid having to store his primary secret key on the vulnerable laptop. We propose several cryptographic schemes, both generic and practical, that allow such self-delegation while providing strong motivation for the user not to delegate rights that he only obtained for personal use to other parties.

Available format(s)
Publication info
Published elsewhere. Appeared in the THEORY OF CRYPTOGRAPHY LIBRARY and has been included in the ePrint Archive.
Delegationsubkeyskey hierarchyZero-Knowledge ProofsKnowledge ComplexityThreshold Schemesgradual release of secretsSignature SchemesNon-Interactive Zero-KnowledgeCommitment Schemes.
Contact author(s)
oded @ wisdom weizmann ac il
1998-08-01: last of 2 revisions
1997-09-16: received
Short URL
Creative Commons Attribution


      author = {Oded Goldreich and Birgit Pfitzmann and Ronald L.  Rivest},
      title = {Self-Delegation with Controlled Propagation - or - What If You Lose Your Laptop.},
      howpublished = {Cryptology ePrint Archive, Paper 1997/012},
      year = {1997},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.