Chengyu Ma,Nan Hu,Yingjiu Li

2006-01-01

Abstract:Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this aspect has concentrated on the tradeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real empirical data from VeriSign and derive the probability function for certificate revocation requests. We then prove that a revocation system will become stable after a period of time. Based on these, we show that different certificate authorities should take different strategies for releasing certificate revocation lists for different types of certificate services. We also provide the exact steps by which certificate authorities can derive optimal releasing strategies.

Nan Hu,Giri Kumar Tayi,Chengyu Ma,Yingjiu Li

DOI: https://doi.org/10.3233/jcs-2009-0330

2009-01-01

Journal of Computer Security

Abstract:Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the Internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this area has concentrated on the tr adeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real data from VeriSign and suggest a functional form for the probability density function of certificate revocation requests. Exponential distribution function is chosen as it adequately approximates the real data. We then provide an economic model based on which a certificate authority can choose the optimal Certificate Revocation List (CRL) release interval considering the intrinsic properties among different types of certificate services. To conclude we draw some insights by comparing the performance of four different CRL strategies.

Jie Zhang,Nan Hu,M. K. Raja

DOI: https://doi.org/10.1016/j.dss.2012.12.043

IF: 6.969

2014-01-01

Decision Support Systems

Abstract:The fast growth of e-commerce and online activities places increasing needs for authentication and secure communication to enable information exchange and online transactions. The public key infrastructure (PKI) provides a promising foundation for meeting such demand, in which certificate authorities (CAs) provide digital certificates. In practice, it is critical to understand consumer purchasing and revocation behaviors so that CAs can better manage the digital certificates and its CRL releasing process. To address this problem, we analytically model a CA's pricing and revocation releasing strategies taking into consideration the users' rational decisions. The model provides solutions two main research questions: (1) How should the CA price the digital certificates? The the price of the digital certificate should be determined by the expected losses of the user's IT system, and the number of certificate revocations per period is expected to decrease over time during the lifecycle of the certificate. This result is supported by the empirical data from VeriSign. (2) How should the CA we further propose a dynamic CRL releasing policy that suggests that the optimal releasing intervals within the lifecycle of a certificate should increase over time.

Chengyuan Zhang,Changqing An,Tao Yu,Zhiyan Zheng,Jilong Wang

DOI: https://doi.org/10.1109/noms59830.2024.10575605

2024-01-01

Abstract:The validity and efficiency of certificate revocation in today's web Public Key Infrastructure (PKI) are consistently overlooked. In this paper, we analyse current certificate revocation schemes from the perspective of Certificate Authorities (CAs) and browsers. We find that the average size of CRL files collected from popular CAs can be as large as 2MB and the average response time of OCSP is around 430ms, which means that the time overhead brought by current certificate revocation schemes is not negligible. Moreover, browsers often fail to perform the revocation check correctly and allow websites to use revoked certificates, which can help attackers to launch man-in-the-middle attacks using fraudulent certificates.We also summarise existing problems and propose a novel certificate revocation scheme utilizing DNS resource records for efficient and privacy-preserving distribution. We have implemented a prototype to evaluate the performance of our scheme, and test results show that our scheme is time-efficient and able to withstand realistic workloads. We hope that our work can stimulate further discussion of the problems in Web PKI.

张雪琳,马跃,王玮,徐塞虹

DOI: https://doi.org/10.3321/j.issn:1000-6788.2004.03.015

2004-01-01

Abstract:Public Key Infrastructure (PKI) is a infrastructure of asymmetric encryption that delivers strong capabilities for services such as data confidentiality,authentication,integrity and non-repudiation to effectively mitigate various risks involved in a network environment. The PKI infrastructure ensures that the availability of a well conceived combination of services,communications methods and protocols to its constituent applications and programs. It means that the infrastructure provides a blanket to enable the interoperability of its constituent parts for available,reliable,and unobtrusive security services. In this paper,a model of CRL disribution is set up. By analyzing the revocation delay,we get the expression of revocation delay.The simulation result is also given,which proved correctness of our analysis .

Wei Ren,Kui Ren,Wenjing Lou,Yanchao Zhang

DOI: https://doi.org/10.4108/icst.qshine2008.3824

2008-01-01

Abstract:Privacy-aware Public Key Infrastructure (PKI) can maintain user access control and yet protect user privacy, which is envisioned as a promising technique in many emerging applications. To justify the applicability of privacy-aware PKI and optimize the performance, it is highly important to ensure the efficiency of handling user revocations. In practice, user revocation can be due to various predictable and unpredictable reasons, e.g., subscription expiration, network access policy violation, group changing, secret key exposure, etc. Both predictable and unpredictable reasons can happen concurrently, which makes the design of efficient user revocation mechanism challenging. In this paper, we study how to achieve optimized user revocation cost with respect to various revocation approaches. We also propose an advanced scheme Delta-RL that ensures an optimized overall performance in terms of communication, computation and storage, as justified by the extensive analysis.

Baohong Li,Y. I B Hou,Yinliang Zhao

DOI: https://doi.org/10.1109/ICMLC.2005.1527611

2005-01-01

Abstract:This paper proposes a scalable scheme for certificate revocation in public key infrastructure. In this scheme, the set of revoked certificates is divided into groups. In each group, proofs for certificate status are computed using one-way accumulators, while all groups are still organized in a hash tree. The main advantage of the proposed scheme is that it can adjust traffic between CA-to-directory and directory-to-user according to certificate update rate and query rate in applications, thus overall traffic for certificate revocation can be remarkably reduced and a wider range of scenarios can be accommodated. Compared with Naor's dynamic hash tree scheme, results show it can reduce traffic by about 50% in typical environments.

Zhang Manman,Liu Zhiyuan

DOI: https://doi.org/10.3969/j.issn.1008-8245.2007.05.014

2007-01-01

Abstract:Certificate revocation is always a hard problem in the research and application of public key infrastructure(PKI).In this paper,a review of certificate revocation schemes is present.The working principles of all schemes are described,and the advantages and disadvantages of each scheme are analyzed in details.And the future work is outlined in the end.

Wei Ren,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/icdcs.workshops.2008.95

2008-01-01

Abstract:Privacy-aware Public Key Infrastructure (PKI) can maintain user access control and yet protect user privacy, which is important for many applications. The applicability of privacy-aware PKI highly relies on the performance of user revocation. The requirements of user revocation are various in general, such as subscription expiration, violation of access policy, group changing, and key exposure. To satisfy different requirements, multiple revocation approaches may interact each other. In this paper, we study how to achieve optimized user revocation cost with respect to various revocation approaches. We also propose a practical scheme Delta-RL that can fulfill an optimal overall performance on the base of extensive analysis.

Liang TAN,Zhen LIU,Kun SHE,Ming-tian ZHOU

DOI: https://doi.org/10.3321/j.issn:0372-2112.2005.02.009

2005-01-01

Abstract:An improved model:the segmented and over issued CRL synthesis model ,which issues certificate status information with certificate revocation list in public key infrastructure,is presented.It is realized by that CRL is segmented first,and then over issued.Compared to other models,the improved model minimizes the size of CRL which can accelerate to request service,as well as the peak request rate,peak bandwidth,average loads and time piece on CRL repository.The improved model is fit for the large scale PKIs according to the requirements.

Baohong Li,Yinliang Zhao,Yibin Hou

DOI: https://doi.org/10.1109/IPOM.2004.1547598

2005-01-01

Abstract:Certificate revocation is an outstanding problem in PKI. This paper extends Naor's scheme of dynamic hash tree in order to optimize performance. Set of revoked certificates is divided into groups. In each group, proofs for certificate status are computed by using one-way accumulator, while all groups are still organized in hash tree. The main advantage of the proposed scheme is that it can adjust traffic between CA-to-directory and directory-to-user according to certificate update rate and query rate in applications, thus can remarkably reduce overall traffic consumed for certificate revocation, and can efficiently accommodate a wide range of scenarios. Compared with Naor's origin scheme, performance analysis shows it can reduce traffic by about 50% in typical environments.

Zhichao Ruan,Wei Ye,Yankai Xie,Haixing Li,Chi Zhang,Lingbo Wei

DOI: https://doi.org/10.1109/icc45041.2023.10278733

2023-01-01

Abstract:Blockchain is the most promising technology to tackle the security challenges of certificate revocation schemes, such as vulnerability to the single point of failure and lack of accountability systems. However, current blockchain-based certificate revocation systems suffer from privacy problems as the blockchain nodes can learn which website the client is going to connect with and infer the end-user's private information, such as identity, location, and health condition. In this paper, we propose a decentralized certificate revocation scheme that allows clients to securely and privately verify revocation information. We not only take advantage of blockchain to provide security guarantees but also further craft a novel multi-server offline/online private information retrieval (PIR) protocol named MOO-PIR to preserve query privacy for clients even if a subset of servers collude. Finally, we provide security analysis and performance evaluation, demonstrating that our scheme can protect client privacy without compromising efficiency.

Cui Yan-Li,Zhang Xing

DOI: https://doi.org/10.1109/fitme.2009.68

2009-01-01

Abstract:During the realizing process of remote attestation, except for using trusted computing technology to protect physical security, storage security and operation security of certifier, cipher mechanism need to be combined to ensure the credibility of attestation method of certifier. This paper designs an attestation method model of property remote attestation, and applies the authentication and access control logic technology to make formal description for the participants of attestation method of property remote attestation, and finally prove the credibility of attestation method. Paper's research conclusion proves, after increasing the authority of certificate and trusted property certificate, the credibility of property remote attestation method can be guaranteed among the computing environment applying the public key infrastructure participates.

Xinyi Luo,Zhuo Xu,Kaiping Xue,Qiantong Jiang,Ruidong Li,David Wei

DOI: https://doi.org/10.1109/icdcs54860.2022.00121

2022-01-01

Abstract:As the voucher for identity, digital certificates and the public key infrastructure (PKI) system have always played a vital role to provide the authentication services. In recent years, with the increase in attacks on traditional centralized PKIs and the extensive deployment of blockchains, researchers have tried to establish blockchain-based secure decentralized PKIs and have made significant progress. Although blockchain enhances security, it brings new problems in scalability due to the inherent limitations of blockchain’s data structure and consensus mechanism, which become much severe for the massive access in the era of 5G and B5G. In this paper, we propose ScalaCert to mitigate the scalability problems of blockchain-based PKIs by utilizing redactable blockchain for "on-cert" revocation. Specifically, we utilize the redactable blockchain to record revocation information directly on the original certificate ("on-cert") and remove additional data structures such as CRL, significantly reducing storage overhead. Moreover, the combination of redactable and consortium blockchains brings a new kind of attack called deception of versions (DoV) attack. To defend against it, we design a random-block-node-check (RBNC) based freshness check mechanism. Security and performance analyses show that ScalaCert has sufficient security and effectively solves the scalability problem of the blockchain-based PKI system.

王政,赵明,斯雪明,韩文报

DOI: https://doi.org/10.3969/j.issn.1000-3428.2009.01.012

2009-01-01

Abstract:Large scale environment, unreasonable certificate revocation management will bring enormous operations and burden of network transmission. This paper analyzes some kinds of CRL mechanisms, puts forward a maintenance scheme of certificate revocation list named PSHT-CRL, which inherits the character of segment-CRL, redirect-CRL and over issue-CRL. PSHT-CRL uses Hash table, partial signature, and link method to ensure the scheme’s security, to reduce the cost of user request response and certificate updating. PSHT-CRL solves the problems of other revocation schemes. The security and capability of this scheme are analyzed and PSHT-CRL compared with other CRL scheme.

Jing Chen,Shixiong Yao,Quan Yuan,Kun He,Shouling Ji,Ruiying Du

DOI: https://doi.org/10.1109/infocom.2018.8486344

2018-01-01

Abstract:In recent years, real-world attacks against PKI take place frequently. For example, malicious domains' certificates issued by compromised CAs are widespread, and revoked certificates are still trusted by clients. In spite of a lot of research to improve the security of SSL/TLS connections, there are still some problems unsolved. On one hand, although log-based schemes provided certificate audit service to quickly detect CAs' misbehavior, the security and data consistency of log servers are ignored. On the other hand, revoked certificates checking is neglected due to the incomplete, insecure and inefficient certificate revocation mechanisms. Further, existing revoked certificates checking schemes are centralized which would bring safety bottlenecks. In this paper, we propose a blockchain-based public and efficient audit scheme for TLS connections, which is called Certchain. Specially, we propose a dependability-rank based consensus protocol in our blockchain system and a new data structure to support certificate forward traceability. Furthermore, we present a method that utilizes dual counting bloom filter (DCBF) with eliminating false positives to achieve economic space and efficient query for certificate revocation checking. The security analysis and experimental results demonstrate that CertChain is suitable in practice with moderate overhead.

FU Yong-ping,ZHAO Yin-liang,LI Bao-hong,REN Qin-an,ZHONG Sheng-hai

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.24.065

2007-01-01

Abstract:The proposed certificate revocation schemes restrict algorithm performance because they fail to consider the differences between the probabilities of inquiring certificate.The certificate revocation scheme based on priority skip lists,named CRPSL,can dynamic update the storage structure of certificate revocation dictionary according to the inquiry frequency,and can shorten the enquiry path of inquiring high frequency certificate so that the inquiry speed is accelerated.The test shows that the performance of CRPSL is better than that of CRL and 2-3CRT in the sides of insertion,deletion and enquiry,and the CRPSL conform to the actual situation of certificate inquiry fairly well.

Nikita Korzhitskii,Matus Nemec,Niklas Carlsson

DOI: https://doi.org/10.48550/arXiv.2203.02280

2022-03-04

Abstract:The modern Internet is highly dependent on trust communicated via certificates. However, in some cases, certificates become untrusted, and it is necessary to revoke them. In practice, the problem of secure revocation is still open. Furthermore, the existing procedures do not leave a transparent and immutable revocation history. We propose and evaluate a new revocation transparency protocol that introduces postcertificates and utilizes the existing Certificate Transparency (CT) logs. The protocol is practical, has a low deployment cost, provides an immutable history of revocations, enables delegation, and helps to detect revocation-related misbehavior by certificate authorities (CAs). With this protocol, a holder of a postcertificate can bypass the issuing CA and autonomously initiate the revocation process via submission of the postcertificate to a CT log. The CAs are required to monitor CT logs and proceed with the revocation upon detection of a postcertificate. Revocation status delivery is performed independently and with an arbitrary status protocol. Postcertificates can increase the accountability of the CAs and empower the certificate owners by giving them additional control over the status of the certificates. We evaluate the protocol, measure log and monitor performance, and conclude that it is possible to provide revocation transparency using existing CT logs.

Cryptography and Security,Computers and Society,Networking and Internet Architecture

Qian Mei,Yanan Zhao,Hu Xiong

DOI: https://doi.org/10.15388/informatica.2019.226

2019-01-01

Informatica

Abstract:The primitive of certificateless signature, since its invention, has become a widely studied paradigm due to the lack of key escrow problem and certificate management problem. However, this primitive cannot resist catastrophic damage caused by key exposure. Therefore, it is necessary to integrate revocation mechanism into certificateless signature. In this paper, we propose a new certificateless signature scheme with revocation (RCLS) and prove its security under the standard model. In the meanwhile, our scheme can resist malicious-but-passive Key Generation Center (KGC) attacks that were not possible in previous solutions. The theoretical analysis shows our scheme has high efficiency and practicality.

Haijian ZHOU,Ping LUO,Daoshun WANG,Yiqi DAI

DOI: https://doi.org/10.3321/j.issn:1000-0054.2008.07.025

2008-01-01

Abstract:Public key infrastructures (PKI) achieve authentication and key exchange by utilizing public key cryptography; however, the system's centralized models tend to be the bottleneck in the network. To improve PKI efficiency, a caching authentication model was developed. The model takes advantage of symmetric root key caching and public key certificates caching, with the caching authentication extended to among the certification authorities (CA) to increase re-usage of cached information. An improved certificate revocation list (CRL) look-up mechanism is introduced to enhance CRL look-up efficiency. Performance analyses show that, compared with the common X.509 protocol, the CA caching authentication effectively reduces the CRL look-up times and network communications in the authentication procedures. The authentication model eases bottlenecks for PKI frameworks, while guaranteeing authentication security and integrity.