Skip to main content
Springer Nature Link
Log in

Pre-production Methods of a Response to Certificates with the Common Status –Design and Theoretical Evaluation–

  • Conference paper
Public Key Infrastructure (EuroPKI 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3093))

Included in the following conference series:

  • 455 Accesses

Abstract

The Online Certificate Status Protocol provides the up-to-date response to certificate status queries. To reduce the risk of denial of service attacks, the responder can pre-produce responses. However this approach has the disadvantage that computational costs of the responder are inefficient since the responder should pre-produce one response message for each certificate. This paper proposes efficient pre-producing methods, which the responder can pre-produce a response message for each group consisting of certificates with the common status. In our methods, computational costs of the responder are efficient, compared with the previous pre-producing method.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Arnes, A., Just, M., Knapskog, S.J., Lloyd, S., Meijer, H.: Selecting Revocation Solutions for PKI. In: 5th Nordic Workshop on Secure IT Systems (NORDSEC 2000) (2000), http://www.pvv.ntnu.no/andrearn/certrev/

  2. CoreStreet Ltd., Nonce Sense-Freshness and Security in OCSP Responses-, Core-Street Ltd. White Paper (2003), http://www.corestreet.com/whitepapers/nonce-sense.pdf

  3. Housley, R., Polk, W., Ford, W., Solo, D.: Certificate and Certificate Revocation List (CRL) Profile. IETF RFC3280 (2002), http://www.ietf.org/rfc/rfc3280.txt

  4. ITU/ISO Recommendation. X.509 Information Technology Open Systems Interconnection - The Directory: Authentication Frameworks (1997)

    Google Scholar 

  5. Kikuchi, H., Abe, K., Nakanishi, S.: Performance Evaluation of Certificate Revocation Using k-Valued Hash Tree. In: Zheng, Y., Mambo, M. (eds.) ISW 1999. LNCS, vol. 1729, pp. 103–117. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  6. Kikuchi, H., Abe, K., Nakanishi, S.: Certificate Revocation Protocol Using k-Ary Hash Tree. IEICE TRANS. COMMUN. E84-B(8) (2001)

    Google Scholar 

  7. Kocher, P.C.: On Certificate Revocation and Validation. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 172–177. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  8. Malpani, A., Housley, R., Freeman, T.: Simple Certificate Validation Protocol. IETF Internet-Draft (2003), http://www.ietf.org/internet-drafts/draft-ietf-pkix-scvp-13.txt

  9. Merkle, R.C.: A Certified Digital Signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)

    Google Scholar 

  10. Micali, S.: Efficient Certificate Revocation, Technical Memo MIT/LCS/TM-542b, Massachusetts Institute of Technology (1996)

    Google Scholar 

  11. Micali, S.: NOVOMODO; Scalable Certificate Validation And Simplified PKI Management. In: 1st Annual PKI Research Workshop, pp.15–25 (2002), http://www.cs.dartmouth.edu/pki02/

  12. Munoz, J.L., Forne, J., Esparza, O., Bernable, I., Soriano, M.: Using OCSP to Secure Certificate-Using Transactions in M-commerce. In: Zhou, J., Yung, M., Han, Y. (eds.) ACNS 2003. LNCS, vol. 2846, pp. 280–292. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  13. Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Publik Key Infrastructure Online Certificate Status Protocol-OCSP. IETF RFC2560 (1999), http://www.ietf.org/rfc/rfc2560.txt

  14. Naor, M., Nissim, K.: Certificate Revocation and Certificate Update. In: 7th USENIX Security Symposium, pp. 217–228 (1998), http://www.usenix.org/publications/library/proceedings/usenix98/

  15. Nash, A., Duane, W., Joseph, C., Brink, D.: PKI - Implementing and Managing E-Security. Osborne Media Group (2001)

    Google Scholar 

  16. Pinkas, D., Housley, R.: Delegated Path Validation and Delegated Path Discovery Protocol Requirements. RFC3379 (2002), http://www.ietf.org/rfc/rfc3379.txt

  17. Rivest, R.L.: Can We Eliminate Certificate Revocation Lists? In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 178–183. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Graduate School of Information Science and Electrical Engineering, Kyushu University, 6-10-1 Hakozaki, Higashi-ku, Fukuoka, 812-8581, Japan

    Satoshi Koga

  2. Division of Electrical and Computer Engineering, Chungnam National University, 220 Gung-dong, Yuseong-gu, Daejeon, 305-764, Korea

    Jae-Cheol Ryou

  3. Faculty of Information Science and Electrical Engineering, Kyushu University, 6-10-1 Hakozaki, Higashi-ku, Fukuoka City, 812-8581, Japan

    Kouichi Sakurai

Authors
  1. Satoshi Koga
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jae-Cheol Ryou
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kouichi Sakurai
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Technology Education and Digital Systems, University of Piraeus, 150 Androutsou St., GR-18532, Pireaus, Greece

    Sokratis K. Katsikas

  2. Department of Information and Communication Systems Engineering, University of the Aegean, Karlovassi, Samos, Greece

    Stefanos Gritzalis

  3. Department of Information and Communication Technologies, University of A Coruña, Spain

    Javier López

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Koga, S., Ryou, JC., Sakurai, K. (2004). Pre-production Methods of a Response to Certificates with the Common Status –Design and Theoretical Evaluation–. In: Katsikas, S.K., Gritzalis, S., López, J. (eds) Public Key Infrastructure. EuroPKI 2004. Lecture Notes in Computer Science, vol 3093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25980-0_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-25980-0_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22216-3

  • Online ISBN: 978-3-540-25980-0

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics