5,012 Hits in 4.9 sec

Can we eliminate certificate revocation lists? [chapter]

Ronald L. Rivest
1998 Lecture Notes in Computer Science  
We briefly consider certificate revocation lists (CRLs), and ask whether they could, and should, be eliminated, in favor of other mechanisms. In most cases, the answer seems to be "yes."  ...  We suggest some possible replacement mechanisms.  ...  Conclusions We see that one can do without CRL's.  ... 
doi:10.1007/bfb0055482 fatcat:g4anensxkvfapfjiv2s4smidk4

Empirical Analysis of Certificate Revocation Lists [chapter]

Daryl Walleck, Yingjiu Li, Shouhuai Xu
2008 Lecture Notes in Computer Science  
Though various certificate revocation mechanisms have been proposed to address this issue, little effort has been devoted to the empirical analysis of real-world certificate revocation data.  ...  Managing public key certificates revocation has long been a central issue in public key infrastructures.  ...  Previous research on certificate revocation management has primarily focused on the tradeoffs that can be made among different revocation mechanisms [6, 15] , including certificate revocation list (CRL  ... 
doi:10.1007/978-3-540-70567-3_13 fatcat:5k7ea4xeivfrddmrlawezllwaa

Efficient Certificate Revocation List Organization and Distribution

Jason J. Haas, Yih-Chun Hu, Kenneth P. Laberteaux
2011 IEEE Journal on Selected Areas in Communications  
To distribute revocation information quickly even during incremental deployment, we propose that CAs use Certificate Revocation Lists (CRLs).  ...  Additionally, we expand on our previous work [2] to provide privacy to revoked vehicles prior to their revocation.  ...  To increase the revocation list management efficiency, a Bloom filter [14] can be loaded with revoked certificate identifiers.  ... 
doi:10.1109/jsac.2011.110309 fatcat:u3hwtpxqrvbibejn3mevymryrq

Autonomous Certification with List-Based Revocation for Secure V2V Communication [chapter]

Anup Kumar Bhattacharya, Abhijit Das, Dipanwita Roychoudhury, Aravind Iyer, Debojyoti Bhattacharya
2012 Lecture Notes in Computer Science  
In this paper, we propose PKI++, an improvement over PKI+, which brings together the desirable features of PKI and PKI+, namely autonomous certification and list-based revocation.  ...  We compare the proposed algorithm with PKI and PKI+, and show revocation to be less costly in PKI++.  ...  Revocation by publishing Certificate Revocation List: The CA can always purge compromised users by publishing a certificate revocation list (CRL).  ... 
doi:10.1007/978-3-642-35130-3_15 fatcat:kbiihi7zdjepnfyin27ukrryyq

Design of Simple and Efficient Revocation List Distribution in Urban areas for VANET's [article]

Ghassan Samara, Sureswaran Ramadas, Wafaa A.H. Al-Salihy
2010 arXiv   pre-print
Vehicular Ad hoc Networks is one of the most challenging research area in the field of Mobile Ad Hoc Networks, in this research we propose a flexible, simple, and scalable design for revocation list distribution  ...  in VANET, which will reduce channel overhead and eliminate the use of CRL.  ...  In this paper we concerned with certificate revocation distribution, how to protect system from adversary vehicles, how to distribute information about adversary vehicles (Revocation List), in sec. 2 we  ... 
arXiv:1006.5113v1 fatcat:zf6hcvc4lnfdxmrbcwfznsmckm

Efficient, Scalable, and Resilient Vehicle-Centric Certificate Revocation List Distribution in VANETs

Mohammad Khodaei, Panos Papadimitratos
2018 Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks - WiSec '18  
In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs).  ...  In this paper, we propose a vehicle-centric solution that addresses all these challenges and thus closes a gap in the literature.  ...  Revocation List (CRL) can exceed the actual trip duration [1] .  ... 
doi:10.1145/3212480.3212481 dblp:conf/wisec/KhodaeiP18 fatcat:yv2skap7crau5jw4n5jozxvxtq

Scalable & Resilient Vehicle-Centric Certificate Revocation List Distribution in Vehicular Communication Systems

Mohammad Khodaei, Panagiotis Papadimitratos
2020 IEEE Transactions on Mobile Computing  
In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs).  ...  In this paper, we propose a vehicle-centric solution that addresses all these challenges and thus closes a gap in the literature.  ...  Revocation List (CRL) can exceed the actual trip duration [24] .  ... 
doi:10.1109/tmc.2020.2981887 fatcat:t5ch7tsijjaxjgux4n4mekz3tu

Cooperative Certificate Revocation List Distribution Methods in VANETs [chapter]

Michael Nowatkowski, Chris McManus, Jennie Wolfgang, Henry Owen
2010 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
This paper discusses two new methods for distributing certificate revocation lists (CRL) in a vehicular ad hoc network environment using cooperative methods.  ...  The information regarding which certificates are no longer valid, i.e., revoked, is sent out in a certificate revocation list (CRL).  ...  CRL file sizes can range from megabytes to several hundred megabytes, depending on the distribution frequency and the rate of certificate revocation.  ... 
doi:10.1007/978-3-642-11723-7_44 fatcat:qsl2jzsdfzfqrhp2zyzorjd6by

Usable secure mailing lists with untrusted servers

Rakesh Bobba, Joe Muggli, Meenal Pant, Jim Basney, Himanshu Khurana
2009 Proceedings of the 8th Symposium on Identity and Trust on the Internet - IDtrust '09  
We have earlier developed a prototype secure mailing list solution called SELS (Secure Email List Services) based on proxy encryption techniques [20] , which enables the transformation of cipher-text from  ...  However, whenever sensitive information is exchanged on such lists, security becomes crucial.  ...  We thank Pooja Agarwal for helping with unit testing and code review and all the users that participated in the usability evaluation.  ... 
doi:10.1145/1527017.1527032 dblp:conf/idtrust/BobbaMPBK09 fatcat:zuqpe7kcqjdi5p2zu2lzigqkuu

Efficient Certificate Management in VANET [article]

Ghassan Samara
2012 arXiv   pre-print
, and new methods for efficient certificate management, which will Reduce channel overhead by eliminating the use of CRL, and make Better certificate Revocation Management.  ...  Vehicular Ad hoc Networks is one of the most challenging research area in the field of Mobile Ad Hoc Networks, in this research We propose a flexible, simple, and scalable design for VANET certificates  ...  We made the search in the list first as it is faster than the decryption, and this method is more efficient and faster than searching in CRL. • Revocation: Certificate revocation is used as a solution  ... 
arXiv:1206.0305v1 fatcat:aoikwmkz4nh3rnyhkfhrdtdwhe

Review and Revocation of Access Privileges Distributed with PKI Certificates [chapter]

Virgil D. Gligor
2001 Lecture Notes in Computer Science  
Further, we show that PKIs that eliminate identity certificates, such as the SPKI, resolve only selective revocation problems and, at the same time, make access review more complex.  ...  We argue that these PKIs must also support revocation and review policies that are typical of more traditional access control systems; e.g., selective and transitive certificate revocation, and per-object  ...  In section 4, we show that one of the best-known PKIs, namely SPKI [2] , eliminates the need for selective revocation, but offers no support for transitive certificate revocation despite allowing transitive  ... 
doi:10.1007/3-540-44810-1_16 fatcat:pqn6uc7gmbd5jcf7lm6zhqmdp4

Efficient and Fresh Certification [chapter]

Irene Gassko, Peter S. Gemmell, Philip MacKenzie
2000 Lecture Notes in Computer Science  
We compare EFECT to previously proposed systems, including traditional X.509 certificates and Certificate Revocation Lists (CRLs), SDSI/SPKI, Micali's Certificate Revocation System (CRS), Kocher's Certificate  ...  lists/trees.  ...  We propose a system called EFECT (Easy Fast Efficient Certification Technique), which allows us to eliminate structures containing certificate revocation information, such as Certificate Revocation Lists  ... 
doi:10.1007/978-3-540-46588-1_23 fatcat:umc5bj5e3nadxa7euradihtg5i

Enhanced Security Protocol for Spontaneous Wireless ad-hoc Network

2016 International Journal Of Engineering And Computer Science  
In other words, Denial of Service (DoS) attacks should be eliminated, or at least mitigated.  ...  The proposed protocol has the following features Distributed security mechanism, Lightweight, Malicious user revocation capability.  ...  Revocation list contains the identity of the attackers. If a user is identified as the attacker, he/she should be eliminated from the network.  ... 
doi:10.18535/ijecs/v5i12.27 fatcat:ztp5yd6udnbt5ei7fys6o7wtbm

Asynchronous Large-Scale Certification Based on Certificate Verification Trees [chapter]

Josep Domingo-Ferrer, Marc Alba, Francesc Sebé
2001 IFIP Advances in Information and Communication Technology  
In most aspects, the CVT approach outperforms previous approaches like X.509 and certificate revocation lists, SDSI/SPKI, certificate revocation trees, etc.  ...  If short-validity certificates are used, implicit revocation provided by the proposed solutions completely eliminates the need for the signature verifier to check any revocation information (CRLs, CRTs  ...  The current certificate is not revoked by Protocol 3. To eliminate the need for explicit revocation of the current certificate, short-validity certificates can be used.  ... 
doi:10.1007/978-0-387-35413-2_17 fatcat:fntvm4hbcbaunhrpufd52s7ca4

Certificate Revocation for MANET using Clustering

Bhagyashri C., Gayatri Ambadkar, Rajendra D.
2016 International Journal of Computer Applications  
Certificate revocation is used to examine attackers from participating in networks activities in future.  ...  To revoke certificates of malicious nodes present in networks, certificate revocation is one of the best scheme. It plays an important role in detecting falsely accused node within networks.  ...  [3] In this paper, we have studied and proposed certificate revocation mechanism for secure network communication.  ... 
doi:10.5120/ijca2016911641 fatcat:krpjdiagmfh7vnjtpusiksvnie
« Previous Showing results 1 — 15 out of 5,012 results