19,008 Hits in 6.0 sec

A Practical and Efficient Tree-List Structure for Public-Key Certificate Validation [chapter]

Tong-Lee Lim, A. Lakshminarayanan, Vira Saksen
Applied Cryptography and Network Security  
In this paper, we present the Tree-List Certificate Validation (TLCV) scheme, which uses a novel tree-list structure to provide efficient certificate validation.  ...  Under this scheme, users in a public-key infrastructure (PKI) are partitioned into clusters and a separate blacklist of revoked certificates is maintained for each cluster.  ...  Acknowledgement We would like to thank the numerous anonymous reviewers for their kind advice and valuable suggestions that have helped improve the quality of this paper.  ... 
doi:10.1007/978-3-540-68914-0_24 dblp:conf/acns/LimLS08 fatcat:3xggd4pafvh3ld43artn5h5jue

Tree-Based Revocation for Certificateless Authentication in Vehicular Ad-Hoc Networks

Pino Caballero-Gil, Francisco Martín-Fernández, Cándido Caballero-Gil
2014 Journal of Computer and Communications  
This work proposes authentication based on identity as a way to increase the efficiency and security of communications in vehicular ad-hoc networks.  ...  Efficient algorithms in the used revocation trees allow reaching a refresh rate of at most simple updates per inserted node.  ...  Acknowledgements Research supported under TIN2011-25452, IPT-2012-0585-370000 and BES-2012-051817.  ... 
doi:10.4236/jcc.2014.29003 fatcat:ywogib6avfhntaocyjqvcfmpmi

Accountable key infrastructure (AKI)

Tiffany Hyun-Jin Kim, Lin-Shung Huang, Adrian Perring, Collin Jackson, Virgil Gligor
2013 Proceedings of the 22nd international conference on World Wide Web - WWW '13  
In this paper, we propose AKI as a new public-key validation infrastructure, to reduce the level of trust in CAs.  ...  AKI efficiently handles common certification operations, and gracefully handles catastrophic events such as domain key loss or compromise.  ...  For certificate validation, the browser uses the trusted root-CA certificates as in current practice, and uses the pre-installed ILS public key(s) on her browser to validate ILS information.  ... 
doi:10.1145/2488388.2488448 dblp:conf/www/KimHPJG13 fatcat:5nccffrvjncq7pb7luryle644a

Revocation for Certificateless Authentication in VANETs

Pino Caballero-Gil, Francisco Martín Fernández, Cándido Caballero-Gil
2014 International Journal of Intelligent Computing Research  
In order to improve the performance of revocation lists, this paper proposes the use of a data structure based on authenticated dynamic hash k-ary trees and the frequency with which revoked pseudonyms  ...  In particular, the proposal is designed to be used for identity-based authentication, which allows taking advantage of the efficiency and safety of certificateless authentication.  ...  Acknowledgements Research supported by the MINECO and the FEDER under Projects TIN2011-25452 and IPT-2012-0585-370000, and the scholarship BES-2012-051817. References  ... 
doi:10.20533/ijicr.2042.4655.2014.0057 fatcat:75l7y225xnbfzgunxbt4q2cxcm

Accountable and Transparent TLS Certificate Management: An Alternate Public-Key Infrastructure with Verifiable Trusted Parties

Salabat Khan, Zijian Zhang, Liehuang Zhu, Meng Li, Qamas Gul Khan Safi, Xiaobing Chen
2018 Security and Communication Networks  
Current Transport Layer Security (TLS) Public-Key Infrastructure (PKI) is a vast and complex system; it consists of processes, policies, and entities that are responsible for a secure certificate management  ...  The performance results and evaluations show that it is feasible for practical use.  ...  Acknowledgments This work is partially supported by China National Key Research and Development Program no. 2016YFB0800301 and National Natural Science Foundation of China "NSFC" no. 61300177.  ... 
doi:10.1155/2018/8527010 fatcat:shkp4rwzmvc23jgxiohuri26vu

Efficient Long-Term Validation of Digital Signatures [chapter]

Arne Ansper, Ahto Buldas, Meelis Roos, Jan Willemson
2001 Lecture Notes in Computer Science  
The conventional validation techniques have been designed just for ephemeral use of signatures and are impractical for long-term validation.  ...  We present a new scheme that: (1) provides fast revocation while giving no extra power to on-line service providers; (2) supports long-term validation; (3) is lightweight and scalable.  ...  They showed that for long-term validation it is more efficient to manage public key databases rather than to use individually signed certificates.  ... 
doi:10.1007/3-540-44586-2_29 fatcat:oh4i7iffengqjbjdijgrlthrey

F-PKI: Enabling Innovation and Trust Flexibility in the HTTPS Public-Key Infrastructure [article]

Laurent Chuat, Cyrill Krähenbühl, Prateek Mittal, Adrian Perrig
2021 arXiv   pre-print
for their domain name) and each client can set or choose a validation policy based on trust levels.  ...  We present F-PKI, an enhancement to the HTTPS public-key infrastructure that gives trust flexibility to both clients and domain owners while giving certification authorities (CAs) means to enforce stronger  ...  allow any certificate with a different public key to be considered valid.  ... 
arXiv:2108.08581v1 fatcat:grfezbz5hrdldddxtqnwlww5su

A Study on KSI-based Authentication Management and Communication for Secure Smart Home Environments

2018 KSII Transactions on Internet and Information Systems  
In addition, we propose a smart home environment that can reduce the storage space by using Extended Merkle Tree and secure and efficient KSI-based authentication and communication with enhanced security  ...  In this paper, we provide confidentiality by applying group key and key management based on multi -solution chain.  ...  As such, the PKI has a structure for creating, distributing, using, storing, and revoking certificates that bind public key and ownership.  ... 
doi:10.3837/tiis.2018.02.021 fatcat:prjyyr6itvdizpuvmwi5llswge

Eliminating counterevidence with applications to accountable certificate management1

Ahto Buldas, Peeter Laud, Helger Lipmaa
2002 Journal of Computer Security  
We give an efficient construction for undeniable attesters based on authenticated search trees. We show that the construction also applies to sets of more structured elements.  ...  This paper presents a method to increase the accountability of certificate management by making it intractable for the certification authority (CA) to create contradictory statements about the validity  ...  In practice, S is dynamic and the CA may remove valid certificates or insert invalid certificates from S at his will.  ... 
doi:10.3233/jcs-2002-10304 fatcat:zle2zvqocncshl3b4iarxipnae

Application of Public Ledgers to Revocation in Distributed Access Control [article]

Thanh Bui, Tuomas Aura
2016 arXiv   pre-print
There has recently been a flood of interest in potential new applications of blockchains, as well as proposals for more generic designs called public ledgers.  ...  This paper investigates the applications of public ledgers to access control and, more specifically, to group management in distributed systems where entities are represented by their public keys and authorization  ...  A. Certificate chains and group management In a PKI, each user or other entity is represented by a public-key pair [PK , SK ].  ... 
arXiv:1608.06592v1 fatcat:dj6ckvqh7ngsjnjzi3s5ucd7sa

Associative Blockchain for Decentralized PKI Transparency

Xavier Boyen, Udyani Herath, Matthew McKague, Douglas Stebila
2021 Cryptography  
The conventional public key infrastructure (PKI) model, which powers most of the Internet, suffers from an excess of trust into certificate authorities (CAs), compounded by a lack of transparency which  ...  certificates and revocations for any domain.  ...  Authcoin [21] is a proposal that focuses on the validation and authentication of public keys, rather than identity retention.  ... 
doi:10.3390/cryptography5020014 fatcat:hh2jr4hd6ncwrjvul24quoavdu


Pawel Szalachowski, Stephanos Matsumoto, Adrian Perrig
2014 Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security - CCS '14  
The recently proposed concept of publicly verifiable logs is a promising approach for mitigating security issues and threats of the current Public-Key Infrastructure (PKI).  ...  and clean mechanisms for certificate management, and c) an incentivised incremental deployment plan.  ...  We would like to thank Lorenzo Baesso and Lin Chen for programming assistance, and Raphael Reischuk, Ralf Sasse for providing us with valuable feedback in finalizing the paper.  ... 
doi:10.1145/2660267.2660355 dblp:conf/ccs/SzalachowskiMP14 fatcat:tdibg3o7inbcbf4oi73rnbjkcm

Accountable certificate management using undeniable attestations

Ahto Buldas, Peeter Laud, Helger Lipmaa
2000 Proceedings of the 7th ACM conference on Computer and communications security - CCS '00  
Our main contribution is a model for accountable certificate management, where clients receive attestations confirming inclusion/removal of their certificates from the database of valid certificates.  ...  We introduce authenticated search trees and build an efficient undeniable attester upon them. The proposed system is the first accountable long-term certificate management system.  ...  List Attester One-time Signature Attester A more efficient attester can be based on one-time signatures (in the context of the public key infrastructure, this idea was proposed in [19] and later refined  ... 
doi:10.1145/352600.352604 dblp:conf/ccs/BuldasLL00 fatcat:nfa3npax6ngh3mtn7ihvohgoc4

Asynchronous Large-Scale Certification Based on Certificate Verification Trees [chapter]

Josep Domingo-Ferrer, Marc Alba, Francesc Sebé
2001 IFIP Advances in Information and Communication Technology  
In most aspects, the CVT approach outperforms previous approaches like X.509 and certificate revocation lists, SDSI/SPKI, certificate revocation trees, etc.  ...  However, there is a tradeoff between manageability for the CA and response time for the user: CVT-based certification as initially proposed is synchronous, i.e. certificates are only issued and revoked  ...  CONCLUSION Certificate verification trees are a very convenient data structure for managing large-scale public key directories.  ... 
doi:10.1007/978-0-387-35413-2_17 fatcat:fntvm4hbcbaunhrpufd52s7ca4

Privacy-preserving revocation checking

M. Narasimha, J. Solis, G. Tsudik
2008 International Journal of Information Security  
Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners.  ...  For this reason, whenever a client (user or program) needs to assert the validity of another party's certificate, it performs a certificate revocation check.  ...  We are also grateful to Einar Mykletun and Marina Blanton for their helpful comments.  ... 
doi:10.1007/s10207-008-0064-z fatcat:g7zllyqxxzbkveatgoc4tpmhhu
« Previous Showing results 1 — 15 out of 19,008 results