An Efficient Public-Key Framework
Public-key certificates play an important role in binding the public key with the identity of the owner of the corresponding private key. A certificate might be revoked before its scheduled expiry date by the issuing CA. Efficient and timely distribution of certificate revocation information is a bi...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2003
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/1081 https://ink.library.smu.edu.sg/context/sis_research/article/2080/viewcontent/Zhou2003_AnEfficientPublic_KeyFramework_pv.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| Summary: | Public-key certificates play an important role in binding the public key with the identity of the owner of the corresponding private key. A certificate might be revoked before its scheduled expiry date by the issuing CA. Efficient and timely distribution of certificate revocation information is a big challenge facing the PKI providers. Existing certificate revocation schemes place a considerable processing, communication, and storage overheads on the CA as well as the relying parties. To improve the current situation, we propose a revocation-free public-key framework, in which the maximum lifetime of a certificate is divided into short periods and the certificate could expire at the end of any period under the control of the certificate owner (or his manager in a corporate environment). The verifier can check the status of such a certificate without retrieving the revocation information from the CA. The new framework is especially useful for applications on wireless devices that are unable to make simultaneous connections. The new framework could be easily integrated into existing PKI products that support X.509-based certificates. |
|---|