Security '01 Abstract
A Method for Fast Revocation of
Public Key Certificates and Security Capabilities
Dan Boneh, Stanford University; Xuhua Ding and Gene Tsudik, University of California, Irvine; Chi Ming Wong, Stanford University
Abstract
We present a new approach to fast certificate revocation centered around
the concept of an on-line semi-trusted mediator (SEM). The use of a
SEM in conjunction with a simple threshold variant of the RSA
cryptosystem (mediated
RSA) offers a number of practical advantages over current revocation
techniques. Our approach simplifies validation of digital
signatures and enables certificate revocation within legacy
systems. It also provides immediate revocation of all security
capabilities. This paper discusses both the architecture and
implementation of our approach as well as performance and
compatibility with the existing infrastructure. Our results show
that threshold cryptography is practical for
certificate revocation.
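To illustrate the mediated RSA idea summarized above, the following added example (not code from the paper or its authors) assumes a 2-of-2 additive split of the private exponent between the user and the SEM, which the abstract does not spell out. The toy primes, the unpadded hashing, and the Sem class and function names are constructed for illustration.

```python
import hashlib
import secrets

# Constructed toy key: two Mersenne primes, far too weak for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, PHI = P * Q, (P - 1) * (Q - 1)
D = pow(E, -1, PHI)  # full private exponent; a real CA would discard it after the split


def split_key():
    """Assumed split: d_user + d_sem = D (mod phi), so neither half signs alone."""
    d_user = secrets.randbelow(PHI - 1) + 1
    return d_user, (D - d_user) % PHI


def digest(msg: bytes) -> int:
    # Unpadded hash-then-reduce, for illustration only (no PKCS#1/PSS padding).
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


class Sem:
    """Hypothetical mediator: one half-key per user plus a revocation set."""

    def __init__(self):
        self.halves, self.revoked = {}, set()

    def enroll(self, user, d_sem):
        self.halves[user] = d_sem

    def revoke(self, user):
        self.revoked.add(user)

    def partial_sign(self, user, h):
        if user in self.revoked or user not in self.halves:
            raise PermissionError(f"{user}: certificate revoked or unknown")
        return pow(h, self.halves[user], N)


def sign(sem, user, d_user, msg):
    h = digest(msg)
    token = sem.partial_sign(user, h)      # refused as soon as the user is revoked
    sig = (pow(h, d_user, N) * token) % N  # combine the two partial signatures
    if pow(sig, E, N) != h:                # user checks the SEM's contribution
        raise ValueError("bad SEM token")
    return sig


def verify(msg, sig):
    """Plain RSA check with the public key (N, E)."""
    return pow(sig, E, N) == digest(msg)
```

Because the combined value is an ordinary RSA signature under (N, E), a relying party verifies it unchanged, and revocation takes effect at the moment the SEM stops answering for that user.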
The Proceedings are published as a collective work, © 2001 by the USENIX Association. All Rights Reserved. Rights
to individual papers remain with the author or the author's employer.
Permission is granted for the noncommercial reproduction of the complete
work for educational or research purposes. USENIX acknowledges all
trademarks within this paper.