Chengyu Ma,Nan Hu,Yingjiu Li

2006-01-01

Abstract:Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this aspect has concentrated on the tradeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real empirical data from VeriSign and derive the probability function for certificate revocation requests. We then prove that a revocation system will become stable after a period of time. Based on these, we show that different certificate authorities should take different strategies for releasing certificate revocation lists for different types of certificate services. We also provide the exact steps by which certificate authorities can derive optimal releasing strategies.

Chengyuan Zhang,Changqing An,Tao Yu,Zhiyan Zheng,Jilong Wang

DOI: https://doi.org/10.1109/noms59830.2024.10575605

2024-01-01

Abstract:The validity and efficiency of certificate revocation in today's web Public Key Infrastructure (PKI) are consistently overlooked. In this paper, we analyse current certificate revocation schemes from the perspective of Certificate Authorities (CAs) and browsers. We find that the average size of CRL files collected from popular CAs can be as large as 2MB and the average response time of OCSP is around 430ms, which means that the time overhead brought by current certificate revocation schemes is not negligible. Moreover, browsers often fail to perform the revocation check correctly and allow websites to use revoked certificates, which can help attackers to launch man-in-the-middle attacks using fraudulent certificates.We also summarise existing problems and propose a novel certificate revocation scheme utilizing DNS resource records for efficient and privacy-preserving distribution. We have implemented a prototype to evaluate the performance of our scheme, and test results show that our scheme is time-efficient and able to withstand realistic workloads. We hope that our work can stimulate further discussion of the problems in Web PKI.

Chengyu Ma,Nan Hu,Yingjiu Li

2006-01-01

Abstract:Public key infrastructure has been proposed as a promising foundation for verifying the authenticity of communicating parties and transferring trust over the internet. One of the key issues in public key infrastructure is how to manage certificate revocations. Various technical solutions dealing with key revocation have been proposed. However, to the best of our best knowledge, no rigorous efforts have been made to understand the behavior of certificate revocation requests based on empirical data. Furthermore, there is no study on the managerial aspect of Certificate Revocation Release. In this study, based on the empirical data collected from VeriSign, we prove that a revocation system will become stable after a period of time. We show that different certificate authorities should take different strategies for releasing different types of certificate revocations. We also provide the exact steps by which certificate authorities can follow to derive optimal releasing strategies.

Nan Hu,Giri Kumar Tayi,Chengyu Ma,Yingjiu Li

DOI: https://doi.org/10.3233/jcs-2009-0330

2009-01-01

Journal of Computer Security

Abstract:Public key infrastructure provides a promising foundation for verifying the authenticity of communicating parties and transferring trust over the Internet. The key issue in public key infrastructure is how to process certificate revocations. Previous research in this area has concentrated on the tr adeoffs that can be made among different revocation options. No rigorous efforts have been made to understand the probability distribution of certificate revocation requests based on real empirical data. In this study, we first collect real data from VeriSign and suggest a functional form for the probability density function of certificate revocation requests. Exponential distribution function is chosen as it adequately approximates the real data. We then provide an economic model based on which a certificate authority can choose the optimal Certificate Revocation List (CRL) release interval considering the intrinsic properties among different types of certificate services. To conclude we draw some insights by comparing the performance of four different CRL strategies.

Zhang Manman,Liu Zhiyuan

DOI: https://doi.org/10.3969/j.issn.1008-8245.2007.05.014

2007-01-01

Abstract:Certificate revocation is always a hard problem in the research and application of public key infrastructure(PKI).In this paper,a review of certificate revocation schemes is present.The working principles of all schemes are described,and the advantages and disadvantages of each scheme are analyzed in details.And the future work is outlined in the end.

Wei Ren,Kui Ren,Wenjing Lou,Yanchao Zhang

DOI: https://doi.org/10.4108/icst.qshine2008.3824

2008-01-01

Abstract:Privacy-aware Public Key Infrastructure (PKI) can maintain user access control and yet protect user privacy, which is envisioned as a promising technique in many emerging applications. To justify the applicability of privacy-aware PKI and optimize the performance, it is highly important to ensure the efficiency of handling user revocations. In practice, user revocation can be due to various predictable and unpredictable reasons, e.g., subscription expiration, network access policy violation, group changing, secret key exposure, etc. Both predictable and unpredictable reasons can happen concurrently, which makes the design of efficient user revocation mechanism challenging. In this paper, we study how to achieve optimized user revocation cost with respect to various revocation approaches. We also propose an advanced scheme Delta-RL that ensures an optimized overall performance in terms of communication, computation and storage, as justified by the extensive analysis.

Liang TAN,Zhen LIU,Kun SHE,Ming-tian ZHOU

DOI: https://doi.org/10.3321/j.issn:0372-2112.2005.02.009

2005-01-01

Abstract:An improved model:the segmented and over issued CRL synthesis model ,which issues certificate status information with certificate revocation list in public key infrastructure,is presented.It is realized by that CRL is segmented first,and then over issued.Compared to other models,the improved model minimizes the size of CRL which can accelerate to request service,as well as the peak request rate,peak bandwidth,average loads and time piece on CRL repository.The improved model is fit for the large scale PKIs according to the requirements.

Haijian ZHOU,Ping LUO,Daoshun WANG,Yiqi DAI

DOI: https://doi.org/10.3321/j.issn:1000-0054.2008.07.025

2008-01-01

Abstract:Public key infrastructures (PKI) achieve authentication and key exchange by utilizing public key cryptography; however, the system's centralized models tend to be the bottleneck in the network. To improve PKI efficiency, a caching authentication model was developed. The model takes advantage of symmetric root key caching and public key certificates caching, with the caching authentication extended to among the certification authorities (CA) to increase re-usage of cached information. An improved certificate revocation list (CRL) look-up mechanism is introduced to enhance CRL look-up efficiency. Performance analyses show that, compared with the common X.509 protocol, the CA caching authentication effectively reduces the CRL look-up times and network communications in the authentication procedures. The authentication model eases bottlenecks for PKI frameworks, while guaranteeing authentication security and integrity.

Xinyi Luo,Zhuo Xu,Kaiping Xue,Qiantong Jiang,Ruidong Li,David Wei

DOI: https://doi.org/10.1109/icdcs54860.2022.00121

2022-01-01

Abstract:As the voucher for identity, digital certificates and the public key infrastructure (PKI) system have always played a vital role to provide the authentication services. In recent years, with the increase in attacks on traditional centralized PKIs and the extensive deployment of blockchains, researchers have tried to establish blockchain-based secure decentralized PKIs and have made significant progress. Although blockchain enhances security, it brings new problems in scalability due to the inherent limitations of blockchain’s data structure and consensus mechanism, which become much severe for the massive access in the era of 5G and B5G. In this paper, we propose ScalaCert to mitigate the scalability problems of blockchain-based PKIs by utilizing redactable blockchain for "on-cert" revocation. Specifically, we utilize the redactable blockchain to record revocation information directly on the original certificate ("on-cert") and remove additional data structures such as CRL, significantly reducing storage overhead. Moreover, the combination of redactable and consortium blockchains brings a new kind of attack called deception of versions (DoV) attack. To defend against it, we design a random-block-node-check (RBNC) based freshness check mechanism. Security and performance analyses show that ScalaCert has sufficient security and effectively solves the scalability problem of the blockchain-based PKI system.

Wei Ren,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/icdcs.workshops.2008.95

2008-01-01

Abstract:Privacy-aware Public Key Infrastructure (PKI) can maintain user access control and yet protect user privacy, which is important for many applications. The applicability of privacy-aware PKI highly relies on the performance of user revocation. The requirements of user revocation are various in general, such as subscription expiration, violation of access policy, group changing, and key exposure. To satisfy different requirements, multiple revocation approaches may interact each other. In this paper, we study how to achieve optimized user revocation cost with respect to various revocation approaches. We also propose a practical scheme Delta-RL that can fulfill an optimal overall performance on the base of extensive analysis.

FU Yong-ping,ZHAO Yin-liang,LI Bao-hong,REN Qin-an,ZHONG Sheng-hai

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.24.065

2007-01-01

Abstract:The proposed certificate revocation schemes restrict algorithm performance because they fail to consider the differences between the probabilities of inquiring certificate.The certificate revocation scheme based on priority skip lists,named CRPSL,can dynamic update the storage structure of certificate revocation dictionary according to the inquiry frequency,and can shorten the enquiry path of inquiring high frequency certificate so that the inquiry speed is accelerated.The test shows that the performance of CRPSL is better than that of CRL and 2-3CRT in the sides of insertion,deletion and enquiry,and the CRPSL conform to the actual situation of certificate inquiry fairly well.

Ke Wang

2006-01-01

Computer Science

Abstract:Now,The PKI technology is a feasible project of solving the safe problem effectively.The article discusses the PKI's nucleus-CA,and expounds the corporation-rate CA's design way,and carefully recounts the CA's en- semble structure and device model.

王政,赵明,斯雪明,韩文报

DOI: https://doi.org/10.3969/j.issn.1000-3428.2009.01.012

2009-01-01

Abstract:Large scale environment, unreasonable certificate revocation management will bring enormous operations and burden of network transmission. This paper analyzes some kinds of CRL mechanisms, puts forward a maintenance scheme of certificate revocation list named PSHT-CRL, which inherits the character of segment-CRL, redirect-CRL and over issue-CRL. PSHT-CRL uses Hash table, partial signature, and link method to ensure the scheme’s security, to reduce the cost of user request response and certificate updating. PSHT-CRL solves the problems of other revocation schemes. The security and capability of this scheme are analyzed and PSHT-CRL compared with other CRL scheme.

Zhichao Ruan,Wei Ye,Yankai Xie,Haixing Li,Chi Zhang,Lingbo Wei

DOI: https://doi.org/10.1109/icc45041.2023.10278733

2023-01-01

Abstract:Blockchain is the most promising technology to tackle the security challenges of certificate revocation schemes, such as vulnerability to the single point of failure and lack of accountability systems. However, current blockchain-based certificate revocation systems suffer from privacy problems as the blockchain nodes can learn which website the client is going to connect with and infer the end-user's private information, such as identity, location, and health condition. In this paper, we propose a decentralized certificate revocation scheme that allows clients to securely and privately verify revocation information. We not only take advantage of blockchain to provide security guarantees but also further craft a novel multi-server offline/online private information retrieval (PIR) protocol named MOO-PIR to preserve query privacy for clients even if a subset of servers collude. Finally, we provide security analysis and performance evaluation, demonstrating that our scheme can protect client privacy without compromising efficiency.

Qiong Li,Qiang Zhao,Dan Le,Xiamu Niu

DOI: https://doi.org/10.1007/s11128-016-1347-3

IF: 1.965

2016-01-01

Quantum Information Processing

Abstract:In quantum key distribution (QKD), the information theoretically secure authentication is necessary to guarantee the integrity and authenticity of the exchanged information over the classical channel. In order to reduce the key consumption, the authentication scheme with key recycling (KR), in which a secret but fixed hash function is used for multiple messages while each tag is encrypted with a one-time pad (OTP), is preferred in QKD. Based on the assumption that the OTP key is perfect, the security of the authentication scheme has be proved. However, the OTP key of authentication in a practical QKD system is not perfect. How the imperfect OTP affects the security of authentication scheme with KR is analyzed thoroughly in this paper. In a practical QKD, the information of the OTP key resulting from QKD is partially leaked to the adversary. Although the information leakage is usually so little to be neglected, it will lead to the increasing degraded security of the authentication scheme as the system runs continuously. Both our theoretical analysis and simulation results demonstrate that the security level of authentication scheme with KR, mainly indicated by its substitution probability, degrades exponentially in the number of rounds and gradually diminishes to zero.

ZHOU Xiaobin,XU Yong,ZHANG Ling

DOI: https://doi.org/10.3969/j.issn.1001-2486.2013.01.030

2013-01-01

Abstract:Some problems about the traditional identity authentication model for PKI(Public Key Infrastructure) were analyzed.For example,because certificate status verification service and key verification service depend on different service providers who have not enough trust degree in open network environment,the trust degree of the traditional model decreases and its risk increases.Additionally,there are other problems about cross-CAs and incomplete authentication service in the traditional model.Thus a new open identity authentication model was put forward for PKI,which can solve the above problems.In this model,the above two verification services were both provided by CA,and the service result was applied by providing identity certification file instead of OCSP answer.The trust degree of the traditional model and our model by using the cloud trust model presented by other researchers was calculated.The result of the calculating test shows that our model can improve the trust degree obviously.Finally,the prototype system of our model was completed,and especially the performance of the model was optimized.The test shows that the model has good practical value.

Qian Mei,Yanan Zhao,Hu Xiong

DOI: https://doi.org/10.15388/informatica.2019.226

2019-01-01

Informatica

Abstract:The primitive of certificateless signature, since its invention, has become a widely studied paradigm due to the lack of key escrow problem and certificate management problem. However, this primitive cannot resist catastrophic damage caused by key exposure. Therefore, it is necessary to integrate revocation mechanism into certificateless signature. In this paper, we propose a new certificateless signature scheme with revocation (RCLS) and prove its security under the standard model. In the meanwhile, our scheme can resist malicious-but-passive Key Generation Center (KGC) attacks that were not possible in previous solutions. The theoretical analysis shows our scheme has high efficiency and practicality.

Jian Weng,Yunlei Zhao,Robert H. Deng,Shengli Liu,Yanjiang Yang,Kouichi Sakurai

DOI: https://doi.org/10.1016/j.tcs.2015.07.051

IF: 1.002

2015-01-01

Theoretical Computer Science

Abstract:A public key trace and revoke scheme combines the functionality of broadcast encryption with the capability of traitor tracing. In Asiacrypt 2003, Kim, Hwang and Lee proposed a public key trace and revoke scheme (referred to as KHL scheme), and gave the security proof to support that their scheme is z-resilient against adaptive chosen-ciphertext attacks, in which the adversary is allowed to adaptively issue decryption queries as well as adaptively corrupt up to z users. In the passed ten years, KHL scheme has been believed as one of the most efficient public key trace and revoke schemes with z-resilience against adaptive chosen-ciphertext attacks under the well-studied DDH assumption. However, in this paper, by giving a concrete attack, we indicate that KHL scheme is actually not secure against adaptive chosen-ciphertexts, even without corruption of any user. We then identify the flaws in the security proof for KHL-scheme, and discuss the consequences of the attack.

李彪,张申生

DOI: https://doi.org/10.3321/j.issn:1006-2467.2002.09.019

2002-01-01

Abstract:PKI (Public Key Infrastructure) is the basis of secure applications in World Wide Web. The lack of dynamic property in traditional conformation of PKI can not fulfill the security requirements in virtual enterprises. A new conformation of PKI, based on a secret sharing scheme, was proposed to establish the security framework across enterprises and the trust among them.

周瑞辉,胡红钢,荆继武

DOI: https://doi.org/10.3969/j.issn.1000-3428.2002.04.020

2002-01-01

Abstract:This article introduces the problem on proof of possession in PKI, and narrates various resolutions of it. The focus of this article is the indirect method of proof of possession of encryption certificates.