21,499 Hits in 2.7 sec

Certificate revocation and certificate update

M. Naor, K. Nissim
2000 IEEE Journal on Selected Areas in Communications  
Comparisons to the following solutions are included: traditional' CRLs Certi cate Revocation Lists, Micali's Certi cate Revocation System CRS and Kocher's Certi cate Revocation Trees CRT.  ...  A new solution is suggested for the problem of certi cate revocation. This solution represents Certi cate Revocation Lists by an authenticated search data structure.  ...  List CRL 20 , Certi cate Revocation System CRS 18 and Cer- ti cate Revocation Trees CRT 16 .  ... 
doi:10.1109/49.839932 fatcat:swvoazna65g25ewarohnt7hav4

Generalized certificate revocation

Carl A. Gunter, Trevor Jim
2000 Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages - POPL '00  
We introduce a language for creating and manipulating certificates, that is, digitally signed data based on public key cryptography, and a system for revoking certificates.  ...  Our approach provides a uniform mechanism for secure distribution of pubic key bindings, authorizations, and revocation information.  ...  published on Certificate Revocation Lists (CRL's).  ... 
doi:10.1145/325694.325736 dblp:conf/popl/GunterJ00 fatcat:mcwlyrqng5a5lc7jwzsa5gxmwq

Certificate Revocation Paradigms [article]

Jan Willemson
1999 arXiv   pre-print
The official standardized X.509 framework also depends heavily on offline operations, one of the most complicated ones being certificate revocation handling.  ...  This is done via huge Certificate Revocation Lists which are both inconvenient and expencive. Several improvements to these lists are proposed and in this report we try to analyze them briefly.  ...  Figure 1: Hierarchical Certificate Revocation Scheme Figure 2 : 2 Figure 2: Certificate Revocation Tree structure  ... 
arXiv:cs/9909012v1 fatcat:txcic2tccfathpo4i4zdzu36ea

Fast Digital Certificate Revocation [chapter]

Vipul Goyal
2004 Security and Protection in Information Processing Systems  
We briefly discuss the existing certificate revocation techniques and then present a new online revocation technique.  ...  The revocation mechanisms are commonly classified into Certificate Revocation Lists (CRLs), trusted dictionaries and online mechanisms.  ...  A clean separation between certificate creation and certificate revocation permits CA's delegationloutsourcing of the revocation process.  ... 
doi:10.1007/1-4020-8143-x_32 dblp:conf/sec/Goyal04 fatcat:fnahrloxrbhxpjwsaz56gzuipi

Trusted Principal-Hosted Certificate Revocation [chapter]

Sufatrio, Roland H. C. Yap
2011 IFIP Advances in Information and Communication Technology  
This paper revisits the problem of providing timely certificate revocation focusing on the needs of mobile devices.  ...  We survey existing schemes then present a new approach where the principal's server functions as the directory for its own revocation information.  ...  In X.509 based PKI [3, 4] , certificate revocation is conducted mainly by two standardized mechanisms, namely Certificate Revocation List (CRL) [4] and Online Certificate Status Protocol (OCSP) [5]  ... 
doi:10.1007/978-3-642-22200-9_15 fatcat:6even2awazc4nflnauvd4b7jje

Certificate Revocation Using Fine Grained Certificate Space Partitioning [chapter]

Vipul Goyal
2007 Lecture Notes in Computer Science  
A new certificate revocation system is presented. The basic idea is to divide the certificate space into several partitions, the number of partitions being dependent on the PKI environment.  ...  We show that for many practical values of the system parameters, our scheme is more efficient than the three well known certificate revocation techniques: CRL, CRS and CRT.  ...  Certificate Revocation Techniques Certificate Revocation List (CRL) is the first and the simplest method of certificate revocation.  ... 
doi:10.1007/978-3-540-77366-5_24 fatcat:cww4bfkw3rcx7jx5cb4ycb2k2a

Certificate-Based Encryption and the Certificate Revocation Problem [chapter]

Craig Gentry
2003 Lecture Notes in Computer Science  
We introduce the notion of certificate-based encryption. In this model, a certificate -or, more generally, a signature -acts not only as a certificate but also as a decryption key.  ...  Certificate-based encryption combines the best aspects of identity-based encryption (implicit certification) and public key encryption (no escrow).  ...  Distributing large amounts of fresh certification information is the "certificate revocation problem."  ... 
doi:10.1007/3-540-39200-9_17 fatcat:txerxikgxbao5npozxlw5m5vey

Can we eliminate certificate revocation lists? [chapter]

Ronald L. Rivest
1998 Lecture Notes in Computer Science  
We briefly consider certificate revocation lists (CRLs), and ask whether they could, and should, be eliminated, in favor of other mechanisms. In most cases, the answer seems to be "yes."  ...  Indeed, it is possible to organize a certificate infrastructure so that a signer can present just a collection of certificates to the acceptor as evidence in support of the signature and the signed message  ...  The acceptor and signer might negotiate about the recency of some of the certificates, in which case it is the signer's responsibility to get more recent replacements.  ... 
doi:10.1007/bfb0055482 fatcat:g4anensxkvfapfjiv2s4smidk4

Certificate Revocation for MANET using Clustering

Bhagyashri C., Gayatri Ambadkar, Rajendra D.
2016 International Journal of Computer Applications  
Certificate revocation is used to examine attackers from participating in networks activities in future.  ...  To revoke certificates of malicious nodes present in networks, certificate revocation is one of the best scheme. It plays an important role in detecting falsely accused node within networks.  ...  For accurate and quick certificate revocation, proposed cluster based certificate revocation with vindication capability for MANET.  ... 
doi:10.5120/ijca2016911641 fatcat:krpjdiagmfh7vnjtpusiksvnie

Reducing Certificate Revocation Cost using NPKI [chapter]

Albert Levi, Cetin Kaya Koç
2001 IFIP Advances in Information and Communication Technology  
Problems with certificate revocation status control limit the deployment of Public Key Infrastructure (PKI). Classical certificate paths require revocation control of all certificates on the path.  ...  In this paper, we show how the recently proposed NPKI (Nested certificate based PKI) system reduces the number of revocation status controls to at most two.  ...  Certificate revocation mechanisms must be incorporated into the PKI. The best-known revocation mechanism is the Certificate Revocation Lists (CRLs).  ... 
doi:10.1007/0-306-46998-7_4 fatcat:j2yvljg5xzaytdvq3k5u34f2y4

QuasiModo: Efficient Certificate Validation and Revocation [chapter]

Farid F. Elwailly, Craig Gentry, Zulfikar Ramzan
2004 Lecture Notes in Computer Science  
Our second scheme is a direct improvement on a tree-based variant of a multi-certificate revocation system by Aiello, Lodha, and Ostrovsky [1] .  ...  We present two new schemes for efficient certificate revocation. Our first scheme is a direct improvement on a well-known tree-based variant of the NOVOMODO system of Micali [11] .  ...  Multi-Certificate Revocation.  ... 
doi:10.1007/978-3-540-24632-9_27 fatcat:hjt7szcipzbbvacwv3jamw3gua


Jayanth Rajakumar, Student, Department of Electronics and Communication Engineering R.V. College of Engineering Bangalore, Karnataka, India
2019 International Journal of Advanced Research in Computer Science  
This paper describes and contrasts the two major mechanisms for certificate revocation -Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP).  ...  It is found that modern web clients and browsers such as Google Chrome do not perform stringent checking of certificate revocation status, leaving users open to attackers who use revoked certificates to  ...  There are two major methods of conveying the revocation status from the certificate authority to the clients -Certificate Revocation List (CRL) and Online Certificate Revocation Protocol (OCSP). A.  ... 
doi:10.26483/ijarcs.v10i3.6408 fatcat:o3hnzbsnwrgvfi3l27usssh4lq

Empirical Analysis of Certificate Revocation Lists [chapter]

Daryl Walleck, Yingjiu Li, Shouhuai Xu
2008 Lecture Notes in Computer Science  
Though various certificate revocation mechanisms have been proposed to address this issue, little effort has been devoted to the empirical analysis of real-world certificate revocation data.  ...  Managing public key certificates revocation has long been a central issue in public key infrastructures.  ...  certificate revocation rates over time, and trends in certificate revocation rates by organizations.  ... 
doi:10.1007/978-3-540-70567-3_13 fatcat:5k7ea4xeivfrddmrlawezllwaa

CTng: Secure Certificate and Revocation Transparency [article]

Hemi Leibowitz, Haitham Ghalwash, Ewa Syta, Amir Herzberg
2021 IACR Cryptology ePrint Archive  
CTng achieves security, including transparency of certificate and of revocation status, with No Trusted Third Party, while preserving client's privacy, allowing offline client validation of certificates  ...  In this work, we study Certificate Transparency (CT), an important standardized extension of classical Web-PKI, deployed and integrated into major browsers.  ...  CRV Certificate Revocation Vector Bit vector maintained by each CA, where each bit represents the revocation status of a certificate issued by that CA.  ... 
dblp:journals/iacr/LeibowitzGSH21 fatcat:cay6jyof5vfr7bl3luurxp23ui

Communication-efficient Certificate Revocation Management for Advanced Metering Infrastructure and IoT [article]

Mumin Cebe, Kemal Akkaya
2020 arXiv   pre-print
As the communication between smart meters could be secured utilizing public-key cryptography, however, public-key cryptography still has certain challenges in terms of certificate revocation and management  ...  particularly related distribution and storage overhead of revoked certificates.  ...  Revocation and Certificate Verification Processes In this section, we describe the proposed revocation scheme and the protocol for certificate verification.  ... 
arXiv:1902.04255v3 fatcat:s3ancylq4rbgphxvnrjt2laa44
« Previous Showing results 1 — 15 out of 21,499 results