Skip to main content
SpringerLink
Log in

Augmented Certificate Revocation Lists

  • Conference paper
Information Security and Privacy (ACISP 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4058))

Included in the following conference series:

Abstract

We present a simple yet clever extension to the delta certificate revocation list(CRL) [1], the augmented certificate revocation list (ACRL). ACRLs contain revocation updates only and certificate verifiers construct complete CRLs locally. Locally constructed complete CRLs are identical to complete CRLs issued by the CRL issuer. So certificate verifiers need not download complete CRLs. ACRLs are much smaller in size compared to complete CRLs providing significant network savings. Contrary to existing opinion – that CRLs cannot provide efficient online certificate status – we present an ACRL based online certificate status scheme which has many advantages over OCSP [2]. ACRLs are backward compatible and can easily be integrated into existing X.509 CRL based schemes.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ITU-T. Information technology - Open systems interconnection - The directory: Public-key and attribute certificate frameworks, ITU-T Recommendation X.509 (V4) (2000)

    Google Scholar 

  2. Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP, RFC 2560 (June 1999)

    Google Scholar 

  3. Cooper, D.A.: A model of certificate revocation. In: Proceedings of the 15th annual computer security applications conference (December 1999), http://csrc.nist.gov/pki/PKImodels/

  4. Cooper, D.A.: A more efficient use of delta CRLs. In: Proceedings of the IEEE symposium on security and privacy (May 2000), http://csrc.nist.gov/pki/PKImodels/

Download references

Author information

Authors and Affiliations

  1. Institute for Infocomm Research, Singapore

    A. Lakshminarayanan & T. L. Lim

Authors
  1. A. Lakshminarayanan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. T. L. Lim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Technology, Deakin University,  

    Lynn Margaret Batten

  2. Department of Computer Science, University of Calgary, T2N 1N4, Calgary,  

    Reihaneh Safavi-Naini

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lakshminarayanan, A., Lim, T.L. (2006). Augmented Certificate Revocation Lists. In: Batten, L.M., Safavi-Naini, R. (eds) Information Security and Privacy. ACISP 2006. Lecture Notes in Computer Science, vol 4058. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11780656_8

Download citation

  • DOI: https://doi.org/10.1007/11780656_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-35458-1

  • Online ISBN: 978-3-540-35459-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation