A method for fast revocation of public key certificates and security capabilities

Author

D. BONEH
Xuhua DING, Singapore Management UniversityFollow
Gene Tsudik
Chi Ming WONG

Publication Type

Conference Proceeding Article

Version

submittedVersion

Publication Date

8-2001

Abstract

We present a new approach to fast certificate revocation centered around the concept of an on-line semi-trusted mediator (SEM). The use of a SEM in conjunction with a simple threshold variant of the RSA cryptosystem (mediated RSA) offers a number of practical advantages over current revocation techniques. Our approach simplifies validation of digital signatures and enables certificate revocation within legacy systems. It also provides immediate revocation of all security capabilities. This paper discusses both the architecture and implementation of our approach as well as performance and compatibility with the existing infrastructure. Our results show that threshold cryptography is practical for certificate revocation.

Discipline

Information Security

Research Areas

Information Security and Trust

Publication

Proceedings of the 10th conference on USENIX Security Symposium, Washington, D.C., 2001 August 13-17

Publisher

ACM

City or Country

Washington DC

Citation

BONEH, D.; DING, Xuhua; Tsudik, Gene; and WONG, Chi Ming. A method for fast revocation of public key certificates and security capabilities. (2001). Proceedings of the 10th conference on USENIX Security Symposium, Washington, D.C., 2001 August 13-17.
Available at: https://ink.library.smu.edu.sg/sis_research/1046

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

http://crypto.stanford.edu/~dabo/abstracts/sem.html