On interdomain routing security and pretty secure BGP (psBGP)
ACM Transactions on Information and System Security (TISSEC)
Empirical Analysis of Certificate Revocation Lists
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
A practical and efficient tree-list structure for public-key certificate validation
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Reducing the cost of certificate revocation: a case study
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Observations on certification authority key compromise
EuroPKI'10 Proceedings of the 7th European conference on Public key infrastructures, services and applications
On the self-similarity nature of the revocation data
ISC'12 Proceedings of the 15th international conference on Information Security
Impact of the revocation service in PKI prices
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
PPREM: Privacy Preserving REvocation Mechanism for Vehicular Ad Hoc Networks
Computer Standards & Interfaces
Hi-index | 0.00 |
Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this aspect has concentrated on the tradeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real empirical data from VeriSign and derive the probability function for certificate revocation requests. We then prove that a revocation system will become stable after a period of time. Based on these, we show that different certificate authorities should take different strategies for releasing certificate revocation lists for different types of certificate services. We also provide the exact steps by which certificate authorities can derive optimal releasing strategies.