A method for fast revocation of public key certificates and security capabilities

We present a new approach to fast certificate revocation centered around the concept of an on-line semi-trusted mediator (SEM). The use of a SEM in conjunction with a simple threshold variant of the RSA cryptosystem (mediated RSA) offers a number of practical advantages over current revocation techn...

Full description

Saved in:
Bibliographic Details
Main Authors: BONEH, D., DING, Xuhua, Tsudik, Gene, WONG, Chi Ming
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2001
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/1046
https://ink.library.smu.edu.sg/context/sis_research/article/2045/viewcontent/sem.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:We present a new approach to fast certificate revocation centered around the concept of an on-line semi-trusted mediator (SEM). The use of a SEM in conjunction with a simple threshold variant of the RSA cryptosystem (mediated RSA) offers a number of practical advantages over current revocation techniques. Our approach simplifies validation of digital signatures and enables certificate revocation within legacy systems. It also provides immediate revocation of all security capabilities. This paper discusses both the architecture and implementation of our approach as well as performance and compatibility with the existing infrastructure. Our results show that threshold cryptography is practical for certificate revocation.