Abstract
Problems with certificate revocation status control limit the deployment of Public Key Infrastructure (PKI). Classical certificate paths require revocation control of all certificates on the path. In this paper, we show how the recently proposed NPKI (Nested certificate based PKI) system reduces the number of revocation status controls to at most two. Our analysis also shows that NPKI is not as vulnerable as classical PKI considering the certificate authority compromise.
Chapter PDF
Similar content being viewed by others
References
Adams, C., and S. Llyod, Understanding Public Key Infrastructures, New Riders Publishing, 1999
Myers, M., R. Ankney, A. Malpani, S. Galperin, and C. Adams, X.509 Internet Public Key Infrastructure On-line Certificate Status Protocol-OCSP, RFC 2560, June 1999.
Micali, S., Efficient Certificate Revocation, MIT Laboratory for Computer Science, Technical Memo 542b, March 1996.
Naor, M., and K. Nissim, āCertificate Revocation and Certificate Update,ā IEEE Journal on Selected Areas in Communications, vol. 18, no. 4, pp. 561ā570, April 2000.
Kocher, P., āOn Certificate Revocation and Validation,ā Proceedings of Financial Cryptography 98, LNCS 1465, Springer-Verlag, pp. 172ā177, Anguilla, BWI, February 1998.
Gassko, I., P. S. Gemmell, and P. MacKenzie, āEfficient and Fresh Certification,ā Proceedings of Public Key Cryptography (PKC) 2000, LNCS 1751, Springer-Verlag, pp. 342ā353, Melbourne, Australia, January 2000.
Rivest, R., āCan We Eliminate Certificate Revocation Lists?,ā Proceedings of Financial Cryptography 98, LNCS 1465, Springer-Verlag, pp. 178ā183, Anguilla, BWI, February 1998.
Myers, M., āRevocation: Options and Challenges,ā Proceedings of Financial Cryptography 98, LNCS 1465, Springer-Verlag, pp. 165ā171, Anguilla, BWI, February 1998.
Chadwick, D. W., A. J. Young, and N. K. Cicovic, āMerging and Extending the PGP and PEM Trust Models-The ICE-TEL Trust Model,ā IEEE Network, vol. 11, no. 3, pp. 16ā24, May/June 1997.
Levi, A., and M. U. Caglayan, āAn Efficient, Dynamic and Trust Preserving Public Key Infrastructureā, Proceedings of 2000 IEEE Symposium on Security and Privacy, pp. 203ā214, Oakland, CA, USA, May 2000.
Zimmermann, P., PGP Userās Guide, available with free PGP software from http://www.pgpi.com.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
Ā© 2001 IFIP International Federation for Information Processing
About this paper
Cite this paper
Levi, A., KoƧ, C.K. (2001). Reducing Certificate Revocation Cost using NPKI. In: Dupuy, M., Paradinas, P. (eds) Trusted Information. SEC 2001. IFIP International Federation for Information Processing, vol 65. Springer, Boston, MA. https://doi.org/10.1007/0-306-46998-7_4
Download citation
DOI: https://doi.org/10.1007/0-306-46998-7_4
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-7923-7389-6
Online ISBN: 978-0-306-46998-5
eBook Packages: Springer Book Archive