Tradeoffs in certificate revocation schemes

Computer Communication Review

Volumn 33, Issue 2, 2003, Pages 103-112

  Zheng, Peifang ^a  

^a UNIVERSITY OF PENNSYLVANIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CERTIFICATE REVOCATION; CRYPTOGRAPHIC CERTIFICATES;

COPYRIGHTS; RISK ASSESSMENT; SECURITY SYSTEMS;

CRYPTOGRAPHY;

EID: 33645797144     PISSN: 01464833     EISSN: 01464833     Source Type: Conference Proceeding    
DOI: 10.1145/956981.956991     Document Type: Review

References (35)

1. The SSL V3.0 Protocol. http://wp.netscape.com/eng/ssl3/draft302.txt.
2. ValiCert: Secure solution for paperless e-business. http://www.valicert. com.
3. Secure Hash Standard. U.S. National Institute for Standards and Technology (NIST), 1994.
4. Carlisle Adams and Robert Zuccherato. A General, Flexible Approach to Certificate Revocation, June 1998. Entrust White Paper.
5. William Aiello, Sachin Lodha, and Rafail Ostrovsky. Fast Digital Identity Revocation. In Advances in Cryptology-CRYPTO 1998, pages 137-152. LNCS 4462, 1998.
6. André Årnes. Public Key Certificate Revocation Schemes. PhD thesis, Norwegian University of Science and Technology, February 2000.
7. Josh Cohen Benaloh and Michael de Mare. One-Way Accumulators: A Decentralized Alternative to Digital Signatures. Lecture Notes in Computer Science, 765:274-285, 1994.
8. Dan Boneh, Xuhua Ding, Gene Tsudik, and Chi Ming Wong. A Method for Fast Revocation of Public Key Certificates and Security Capabilities. In The 10th USENIX Security Symposium, 2001.
9. Ahto Buldas, Peeter Laud, and Helger Lipmaa. Accountable Certificate Management using Undeniable Attestations. In ACM Conference on Computer and Communications Security, pages 19-24, 2000.
10. David Cooper. A Model of Certificate Revocation. In Fifteenth Annual Computer Security Applications Conference, pages 256-264, 1999.
11. David A. Cooper. A More Efficient Use of Delta-CRLs. In IEEE Symposium on Security and Privacy, pages 190-202, 2000.
12. Eugenio Faldella and Marco Prandini. A Novel Approach to On-Line Status Authentication of Public-Key Certificates. In 16th Annual Computer Security Applications Conference, New Orleans, Louisiana, USA, December 2000. IEEE Computer Society.
13. Irene Gassko, Peter S. Gemmell, and Philip MacKenzie. Efficient and fresh certification. In Proceedings of Public Key Cryptography, pages 342-353, Jan 2000.
14. Michael Goodrich, Robert Tamassia, and Andrew Schwerin. Implementation of an Authenticated Dictionary with Skip Lists and Commutative Hashing.
15. R. Housley, W. Ford, W. Polk, and D. Solo. Internet X.509 Public Key Infrastructure Certificate and CRL Profile, Jan 1999. RFC 2459.
16. Stephen T. Kent. Internet Privacy Enhanced Mail. In Communications of the ACM, volume 36, pages 48-60, 1993.
17. Stephen T. Kent. Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management, Feburary 1993. RFC 1422.
18. Angelos D. Keromytis. STRONGMAN: a Scalable Solution to Trust Management in Networks. PhD thesis, University of Pennsylvania, 2001.
19. Paul Kocher. On Certificate Revocation and Validation. In International Conference on Financial Cryptography. LNCS, Springer-Verlag, 1998.
20. Y. Kortesniemi, T. Hasu, and J. Srs. A Revocation, Validation and Authentication Protocol for SPKI Based Delegation Systems. In Network and Distributed System Security Symposium, February 2000.
21. Patrick McDaniel and Sugih Jamin. Windowed Certificate Revocation. In INFOCOM(3), pages 1406-1414, 2000.
22. Patrick McDaniel and Aviel D. Rubin. A Response to "Can We Eliminate Certificate Revocation Lists?". In Financial Cryptography, pages 245-258, 2000.
23. Ralph C. Merkle. A Certified Digital Signature. In Proceedings of CRYPTO '89, pages 218-238. LNCS 435, 1990.
24. Silvio Micali. Enhanced Certificate Revocation. Technical report, MIT-LCS-TM-542, 1995.
25. Silvio Micali. Efficient Certificate Revocation. Technical report, MIT-LCS-TM-542b, March 1996.
26. Silvio Micali. NOVOMODO: Scalable Certificate Validation and Simplified PKI Management. In 1st Annual PKI Research Workshop - Proceeding, April 2002.
27. Michael Myers. Revocation: Options and Challenges. In Proc. Financial Cryptography '98.
28. Michael Myers, Rich Ankney, Ambarish Malpani, Slava Galperin, and Carlisle Adams. X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP, June 1999. RFC 2560.
29. Moni Naor and Kobbi Nissim. Certificate Revocation and Certificate Update. In Proceedings 7th USENIX Security Symposium (San Antonio, Texas), Jan 1998.
30. CCITT (Consultative Committee on International Telegraphy and Telephony). Recommendation X.509: The Directory - Authentication Framework, 1988.
31. R. Perlman and C. Kaufman. Method of Issuance and Revocation of Certificates of Authenticity Used in Public Key Networks and Other Systems. United State Patent 5,261,002, November 1993.
32. Ronald L. Rivest. Can We Eliminate Certificate Revocations Lists? In Financial Cryptography, pages 178-183, 1998.
33. Petra Wohlmacher. Digital Certificates: a Survey of Revocation Methods. In Proceedings on ACM multimedia 2000 workshops, pages 111-114. ACM Press, 2000.
34. Rebecca N. Wright, Patrick Lincoln, and Jonathan K. Millen. Efficient Fault-tolerant Certificate Revocation. In A CM Conference on Computer and Communications Security, pages 19-24, 2000.
35. ITU-T Recommendation X.509. Information Technology - Open Systems Interconnection - The Directory: Authentication Framework, August 1997.