Abstract
The Public Key Certificate (PKC) is an important way to support the secure global WEB applications. The revocation of the PKC, however, remains as one of the most costly problems in the certificate management. In this paper, a new public key certificate revocation scheme based on one-way hash chain is proposed. Specifically, no centralized authority holds responsibility to collect and publish certificate status information. Instead, the individual user takes charge of his own certificate status by periodically releasing an updated secure hash value. The paper concludes with an informal examination of the security, efficiency and scalability of this scheme.
This work has been supported in part by the National Natural Science Foundation of China (90204015, 60473021), the Basic Research Program of China (973 Program) (G1999035804) and the Natural Science Foundation of Henan Province (511010900).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
ITU-T: Information technology - Open systems interconnection- The directory: Public-key and attribute certificate frameworks. ITU-T Recommendation X.509 (V4) (2000)
Housley, R., Ford, W., Polk, W., Solo, D.: Internet X.509 public key infrastructure certificate and CRL profile. RFC2459 (January 1999)
Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 internet public key infrastructure online certificate status protocol (OCSP). RFC2560 (June 1999)
Schneier, B.: Applied cryptography second edition: protocols, algorithms, and source code in C. China Machine Press. Beijing (2000)
National Institute of Standard and Technology.: Secure Hash Standard. FIPS PUB180-2 (2002)
Zheng, P.: Tradeoffs in certificate revocation schemes. ACM SIGCOMM Computer Communications Review 33(2), 103–112 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, J., Zhu, Y., Pan, H., Wei, D. (2005). A New Public Key Certificate Revocation Scheme Based on One-Way Hash Chain. In: Fan, W., Wu, Z., Yang, J. (eds) Advances in Web-Age Information Management. WAIM 2005. Lecture Notes in Computer Science, vol 3739. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11563952_62
Download citation
DOI: https://doi.org/10.1007/11563952_62
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29227-2
Online ISBN: 978-3-540-32087-6
eBook Packages: Computer ScienceComputer Science (R0)