Location of Repository

Certificate Revocation and Certificate Update

By Moni Naor and Kobbi Nissim

Abstract

We present a solution for the problem of certificate revocation. This solution represents Certificate Revocation Lists by authenticated dictionaries that support (i) efficient verification whether a certificate is in the list or not, and (ii) efficient updates (adding/removing certificates from the list). The suggested solution gains in scalability, communication costs, robustness to parameter changes and update rate. Comparisons to the following solutions (and variants) are included: `traditional' CRLs (Certificate Revocation Lists), Micali's Certificate Revocation System (CRS) and Kocher's Certificate Revocation Trees (CRT). We also consider a scenario in which certificates are not revoked, but frequently issued for short-term periods. Based on the authenticated dictionary scheme, a certificate update scheme is presented in which all certificates are updated by a common message. The suggested solutions for certificate revocation and certificate update problems is better than curren..

Year: 1998
OAI identifier: oai:CiteSeerX.psu:10.1.1.41.7072
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.wisdom.weizmann.ac.... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.