Data Structures and Algorithms
Data Structures and Algorithms
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A Model of Certificate Revocation
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Efficient Certificate Revocation
Efficient Certificate Revocation
Certificate revocation system implementation based on the Merkle hash tree
International Journal of Information Security
Minimizing TTP's involvement in signature validation
International Journal of Information Security
Evaluation of certificate validation mechanisms
Computer Communications
Towards a framework for evaluating certificate status information mechanisms
Computer Communications
Certificate revocation and certificate update
IEEE Journal on Selected Areas in Communications
Digital certificate management for document workflows in E-government services
EGOV'10 Proceedings of the 9th IFIP WG 8.5 international conference on Electronic government
Hi-index | 0.00 |
Public-key cryptography is widely used as the underlying mechanism for securing many protocols and applications in the Internet. A Public Key Infrastructure (PKI) is required to securely deliver public-keys to widely-distributed users or systems. The public key is usually made public by means of a digital document called certificate. Certificates are valid during a certain period of time; however, there are circumstances under which the validity of a certificate must be terminated sooner than assigned and thus, the certificate needs to be revoked. The Online Certificate Status Protocol (OCSP) is one of the most used protocols for retrieving certificate status information from the PKI. However, the OCSP protocol requires online signatures, which is a costly operation. In this article, we present an improvement over OCSP based on hash chains that reduces the processing burden in the server which in turn provides an additional protection against attacks based on flooding of queries.