Abstract
Asymmetric cryptography based on public-private key pairs is nowadays used in many applications, notably for authentication and digital signature. It is very frequently used together with digital certificates, which link public keys to real-world identities. In a system using digital certificates, one core issue is the question of whether a certificate is valid. This issue has been treated extensively in the literature. In this paper, we are interested in an issue which has received less attention: the question of whether a certificate was valid. This question is of particular importance for digitally signed documents which have to be verified a long time after their signature. We present and analyze a new algorithm to validate certificates “in the past”, with the goals of being simple to present, simple to implement, and of falling back on standard algorithms with current time settings.
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ben M’Barka, M., Stern, J.P. (2012). Certification Validation: Back to the Past. In: Petkova-Nikova, S., Pashalidis, A., Pernul, G. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2011. Lecture Notes in Computer Science, vol 7163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29804-2_11
DOI: https://doi.org/10.1007/978-3-642-29804-2_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29803-5
Online ISBN: 978-3-642-29804-2
eBook Packages: Computer Science (R0)