Skip to main content
SpringerLink
Log in

Separable Implicit Certificate Revocation

  • Conference paper
Information Security and Cryptology – ICISC 2004 (ICISC 2004)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3506))

Included in the following conference series:

Abstract

The popular certificate revocation systems such as CRL and OCSP have a common drawback that they are explicit certificate revocation; the sender must obtain the revocation status information of the receiver’s certificate, before sending an encrypted message. Recently, an implicit certificate revocation system called ‘certificate-based encryption’ was introduced. In this model, a receiver needs both his private key and an up-to-date certificate from the CA (Certification Authority) to decrypt a ciphertext, while senders need not be concerned about the certificate revocation problem. Hence, the certificate-based encryption system has the advantage of light infrastructure requirement. However, the certificate-based encryption system has an important drawback that it is inseparable; only the CA can handle the certificate revocation problem and the load cannot be distributed among multiple trusted authorities. In this paper, we propose a separable implicit certificate revocation system called ‘status certificate-based encryption,’ in which the authenticity of a public key is guaranteed by a (long-lived) certificate and the certificate revocation problem is resolved by a (short-lived) status certificate. We present a secure construction based on bilinear mappings as well as definitional works.

This research was supported by University IT Research Center Project and the Brain Korea 21 Project.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  2. Bellare, M., Desai, A., Jokipii, D., Rogaway, P.: A concrete security treatment of symmetric encryption: analysis of the DES modes of operation. In: FOCS 1997. IEEE, Los Alamitos (1997)

    Google Scholar 

  3. Boneh, D., Franklin, M.: Identity based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  4. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  5. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: 1st ACM Conf. on Computer and Communications Security, pp. 62–73 (1993)

    Google Scholar 

  6. Chen, L., Harrison, K., Soldera, D., Smart, N.P.: Applications of multiple trust authorities in pairing based cryptosystems. In: Davida, G.I., Frankel, Y., Rees, O. (eds.) InfraSec 2002. LNCS, vol. 2437, pp. 260–275. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  7. Dodis, Y., Katz, J., Xu, S., Yung, M.: Key-insulated public key cryptosystems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 65–82. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  8. Dodis, Y., Katz, J., Xu, S., Yung, M.: Strong key-insulated signature schemes. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 130–144. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  9. Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537–554. Springer, Heidelberg (1999)

    Google Scholar 

  10. Gentry, C.: Certificate-based encryption and the certificate revocation problem. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 272–293. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  11. Housley, R., Polk, W., Ford, W., Solo, D.: Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile, RFC 3280, IETF (2002)

    Google Scholar 

  12. Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet public key infrastructure online certificate status protocol - OCSP, RFC 2560, IETF (1999)

    Google Scholar 

  13. McDaniel, P., Jamin, S.: Windowed certificate revocation. In: IEEE Infocom 2000, pp. 1406–1414 (2000)

    Google Scholar 

  14. Micali, S.: NOVOMODO: scalable certificate validation and simplified PKI management. In: 1st Annual PKI Research Workshop Proceedings, pp. 15–26 (2002)

    Google Scholar 

  15. Naor, M., Nissim, K.: Certificate revocation and certificate update. In: 7th USENIX Security Symposium, pp. 217–228 (1998)

    Google Scholar 

  16. NIST, Digital siganture standard, FIPS PUB 186-2 (2000)

    Google Scholar 

  17. Rivest, R.: Can we eliminate certificate revocation lists? In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 178–183. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  18. Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signature and public key cryptosystem. Comm. of the ACM 21(2), 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  19. Shamir, A.: Identity-based cryptosystems and signature Schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)

    Chapter  Google Scholar 

  20. Smart, N.P.: Access Control Using Pairing Based Cryptography. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 111–121. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Lab., EEE, Postech, Korea

    Dae Hyun Yum & Pil Joong Lee

  2. Department of Computer Science, New York University, USA

    Dae Hyun Yum

  3. KT Research Center, KT Corp., Korea

    Pil Joong Lee

Authors
  1. Dae Hyun Yum
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pil Joong Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. National Security Research Institute, 305-348, Daejeon, Korea

    Choon-sik Park

  2. National Security Research Institute (NSRI), 161 Gajeong-dong, Yuseong-gu, 305-350, Daejeon, Korea

    Seongtaek Chee

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yum, D.H., Lee, P.J. (2005). Separable Implicit Certificate Revocation. In: Park, Cs., Chee, S. (eds) Information Security and Cryptology – ICISC 2004. ICISC 2004. Lecture Notes in Computer Science, vol 3506. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11496618_10

Download citation

  • DOI: https://doi.org/10.1007/11496618_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26226-8

  • Online ISBN: 978-3-540-32083-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation