Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations
Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations
Can We Eliminate Certificate Revocations Lists?
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A Model of Certificate Revocation
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Recent-secure authentication: enforcing revocation in distributed systems
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
A More Efficient Use of Delta-CRLs
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Efficient Certificate Revocation
Efficient Certificate Revocation
Certificate revocation and certificate update
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
QPKI: A QoS-Based Architecture for Public-Key Infrastructure (PKI)
INDOCRYPT '02 Proceedings of the Third International Conference on Cryptology: Progress in Cryptology
Hi-index | 0.00 |
With the ever-increasing growth in electronic messaging and electronic commerce, the need for an infrastructure to provide confidentiality, security, and confidence for such exchanges to take place is quite evident [2]. Here, public keys and certificates are issued to users for authorization purposes. One of the primary concerns in these systems is the handling of certificate revocation prior to the expiration date. In this paper, we propose a new approach for managing certificate revocation. All existing schemes require that the information about revoked certificates be sent only periodically to the directories used for verification. This gives rise to the problem of obsolescence. To overcome this problem, we have introduced a new layer in the traditional architecture. Using a preliminary analysis, we show the impact of the new scheme on the up-to-datedness, robustness, load distribution, and response time of the system. Similarly, we show the additional costs incurred in terms of communication cost, processing cost, and hardware costs.