research-article

Certificate revocation and certificate update

Authors:

M. Naor,

K. NissimAuthors Info & Claims

IEEE Journal on Selected Areas in Communications, Volume 18, Issue 4

Pages 561 - 570

https://doi.org/10.1109/49.839932

Published: 01 September 2006 Publication History

Abstract

We present a solution for the problem of certificate revocation. This solution represents certificate revocation lists by authenticated dictionaries that support: (1) efficient verification whether a certificate is in the list or not and (2) efficient updates (adding/removing certificates from the list). The suggested solution gains in scalability, communication costs, robustness to parameter changes, and update rate. Comparisons to the following solutions (and variants) are included: “traditional” certificate revocation lists (CRLs), Micali's (see Tech. Memo MIT/LCS/TM-542b, 1996) certificate revocation system (CRS), and Kocher's (see Financial Cryptography-FC'98 Lecture Notes in Computer Science. Berlin: Springer-Verlag, 1998, vol.1465, p.172-7) certificate revocation trees (CRT). We also consider a scenario in which certificates are not revoked, but frequently issued for short-term periods. Based on the authenticated dictionary scheme, a certificate update scheme is presented in which all certificates are updated by a common message. The suggested solutions for certificate revocation and certificate update problems are better than current solutions with respect to communication costs, update rate, and robustness to changes in parameters, and are compatible, e.g., with X.500 certificates

Cited By

View all

Chai BYu JYan BYu YWang S(2024)BSCDA: Blockchain-Based Secure Cross-Domain Data Access Scheme for Internet of ThingsIEEE Transactions on Network and Service Management10.1109/TNSM.2024.338577721:4(4006-4023)Online publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1109/TNSM.2024.3385777
Khan SLuo FZhang ZUllah FAmin FQadri SHeyat MRuby RWang LUllah SLi MLeung VWu K(2023)A Survey on X.509 Public-Key Infrastructure, Certificate Revocation, and Their Modern Implementation on Blockchain and Ledger TechnologiesIEEE Communications Surveys & Tutorials10.1109/COMST.2023.332364025:4(2529-2568)Online publication date: 1-Oct-2023
https://dl.acm.org/doi/10.1109/COMST.2023.3323640
Sun JZhou FWang QJiao ZZhang Y(2023)Flexible revocation and verifiability for outsourced Private Set Intersection computationJournal of Information Security and Applications10.1016/j.jisa.2023.10343873:COnline publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1016/j.jisa.2023.103438
Show More Cited By

Index Terms

Certificate revocation and certificate update
1. Security and privacy
  1. Security services
    1. Authentication

Index terms have been assigned to the content through auto-classification.

Recommendations

Certificate Revocation and Certificate Update
Augmented certificate revocation lists
ACISP'06: Proceedings of the 11th Australasian conference on Information Security and Privacy

We present a simple yet clever extension to the delta certificate revocation list(CRL) [1], the augmented certificate revocation list (ACRL). ACRLs contain revocation updates only and certificate verifiers construct complete CRLs locally. Locally ...
Separable implicit certificate revocation
ICISC'04: Proceedings of the 7th international conference on Information Security and Cryptology

The popular certificate revocation systems such as CRL and OCSP have a common drawback that they are explicit certificate revocation; the sender must obtain the revocation status information of the receiver’s certificate, before sending an encrypted ...

Comments

Information & Contributors

Information

Published In

cover image IEEE Journal on Selected Areas in Communications

IEEE Journal on Selected Areas in Communications Volume 18, Issue 4

September 2006

89 pages

ISSN:0733-8716

Issue’s Table of Contents

Publisher

IEEE Press

Publication History

Published: 01 September 2006

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

77
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Chai BYu JYan BYu YWang S(2024)BSCDA: Blockchain-Based Secure Cross-Domain Data Access Scheme for Internet of ThingsIEEE Transactions on Network and Service Management10.1109/TNSM.2024.338577721:4(4006-4023)Online publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1109/TNSM.2024.3385777
Khan SLuo FZhang ZUllah FAmin FQadri SHeyat MRuby RWang LUllah SLi MLeung VWu K(2023)A Survey on X.509 Public-Key Infrastructure, Certificate Revocation, and Their Modern Implementation on Blockchain and Ledger TechnologiesIEEE Communications Surveys & Tutorials10.1109/COMST.2023.332364025:4(2529-2568)Online publication date: 1-Oct-2023
https://dl.acm.org/doi/10.1109/COMST.2023.3323640
Sun JZhou FWang QJiao ZZhang Y(2023)Flexible revocation and verifiability for outsourced Private Set Intersection computationJournal of Information Security and Applications10.1016/j.jisa.2023.10343873:COnline publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1016/j.jisa.2023.103438
Höglund JFuruhed MRaza S(2023)Lightweight certificate revocation for low-power IoT with end-to-end securityJournal of Information Security and Applications10.1016/j.jisa.2023.10342473:COnline publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1016/j.jisa.2023.103424
Riad KElhoseny M(2022)A Blockchain-Based Key-Revocation Access Control for Open BankingWireless Communications & Mobile Computing10.1155/2022/32008912022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/3200891
Xie JTan XTan L(2022)CR-BASecurity and Communication Networks10.1155/2022/20691952022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/2069195
Elloh Adja YHammi BSerhrouchni AZeadally S(2021)A blockchain-based certificate revocation management and status verification systemComputers and Security10.1016/j.cose.2021.102209104:COnline publication date: 1-May-2021
https://dl.acm.org/doi/10.1016/j.cose.2021.102209
Etemad MKüpçü A(2020)Generic Dynamic Data Outsourcing Framework for Integrity VerificationACM Computing Surveys10.1145/336599853:1(1-32)Online publication date: 6-Feb-2020
https://dl.acm.org/doi/10.1145/3365998
Xie CWeng JWeng JHou L(2020)Scalable revocable identity-based signature over lattices in the standard modelInformation Sciences: an International Journal10.1016/j.ins.2020.01.008518:C(29-38)Online publication date: 1-May-2020
https://dl.acm.org/doi/10.1016/j.ins.2020.01.008
Garba ABochem ALeiding B(2020)BlockVoke – Fast, Blockchain-Based Certificate Revocation for PKIs and the Web of TrustInformation Security10.1007/978-3-030-62974-8_18(315-333)Online publication date: 16-Dec-2020
https://dl.acm.org/doi/10.1007/978-3-030-62974-8_18
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Index Terms

Recommendations