Abstract
A new certificate revocation system is presented. The basic idea is to divide the certificate space into several partitions, the number of partitions being dependent on the PKI environment. Each partition contains the status of a set of certificates. A partition may either expire or be renewed at the end of a time slot. This is done efficiently using hash chains. We evaluate the performance of our scheme following the framework and numbers used in previous papers. We show that for many practical values of the system parameters, our scheme is more efficient than the three well known certificate revocation techniques: CRL, CRS and CRT. Our scheme strikes the right balance between CA to directory communication costs and query costs by carefully selecting the number of partitions. © IFCA/Springer-Verlag Berlin Heidelberg 2007.
Cite
CITATION STYLE
Goyal, V. (2007). Certificate revocation using fine grained certificate space partitioning. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4886 LNCS, pp. 247–259). Springer Verlag. https://doi.org/10.1007/978-3-540-77366-5_24
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
