Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

10-2003

Abstract

Public-key certificates play an important role in binding the public key with the identity of the owner of the corresponding private key. A certificate might be revoked before its scheduled expiry date by the issuing CA. Efficient and timely distribution of certificate revocation information is a big challenge facing the PKI providers. Existing certificate revocation schemes place a considerable processing, communication, and storage overheads on the CA as well as the relying parties. To improve the current situation, we propose a revocation-free public-key framework, in which the maximum lifetime of a certificate is divided into short periods and the certificate could expire at the end of any period under the control of the certificate owner (or his manager in a corporate environment). The verifier can check the status of such a certificate without retrieving the revocation information from the CA. The new framework is especially useful for applications on wireless devices that are unable to make simultaneous connections. The new framework could be easily integrated into existing PKI products that support X.509-based certificates.

Keywords

Security Server, Expiry Date, Certification Authority, Trusted Third Party, Certificate Status

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Information and Communications Security: 5th International Conference, ICICS 2003, Huhehaote, China, October 10-13: Proceedings

Volume

2836

First Page

88

Last Page

99

ISBN

9783540399278

Identifier

10.1007/978-3-540-39927-8_9

Publisher

Springer

City or Country

Berlin

Copyright Owner and License

Publisher

Additional URL

https://doi.org/10.1007/978-3-540-39927-8_9

Download

Share

COinS