Optimal trade-off for Merkle tree traversal
Theoretical Computer Science
Smart card-based agents for fair non-repudiation
Computer Networks: The International Journal of Computer and Telecommunications Networking
H-OCSP: A protocol to reduce the processing burden in online certificate status validation
Electronic Commerce Research
Certificate status validation in mobile ad hoc networks
IEEE Wireless Communications
Efficient certificate revocation system implementation: Huffman Merkle Hash Tree (HuffMHT)
TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
Using automated banking certificates to detect unauthorised financial transactions
FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
XSS-Dec: a hybrid solution to mitigate cross-site scripting attacks
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
| Hi-index | 0.00 |
Public-key cryptography is widely used to provide Internet security services. The public-key infrastructure (PKI) is the infrastructure that supports the public-key cryptography, and the revocation of certificates implies one of its major costs. The goal of this article is to explain in detail a certificate revocation system based on the Merkle hash tree (MHT) called AD–MHT. AD–MHT uses the data structures proposed by Naor and Nissim in their authenticated dictionary (AD) [20]. This work describes the tools used and the details of the AD–MHT implementation. The authors also address important issues not addressed in the original AD proposal, such as responding to a request, revoking a certificate, deleting an expired certificate, the status checking protocol for communicating the AD–MHT repository with the users, verifying a response, system security, and, finally, performance evaluation.