Skip to main content
Springer Nature Link
Log in

Optimized Certificates – A New Proposal for Efficient Electronic Document Signature Validation

  • Conference paper
Public Key Infrastructure (EuroPKI 2008)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5057))

Included in the following conference series:

  • 811 Accesses

Abstract

Optimized certification is a new method for efficient certificate path verification and digital signing. The basic idea is to issue special certificates (called optimized certificates) for an electronic document to replace the signer’s certificate. Optimized certificates are issued to be only valid for a specific time, i.e., the fields notBefore and notAfter of the certificate are the same. Therefore, certificate revocation are not a requirement as it is no longer necessary to request the status of certificates from a certification authority repository to validate signatures.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  2. Diffie, W.: The first ten years of public-key cryptography, pp. 510–527 (1988)

    Google Scholar 

  3. Zhou, J., Deng, R.: On the validity of digital signatures. SIGCOMM Comput. Commun. Rev. 30(2), 29–34 (2000)

    Article  MathSciNet  Google Scholar 

  4. Adams, C., Farrell, S., Kause, T., Mononen, T.: Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP). RFC 4210 (Proposed Standard) (September 2005)

    Google Scholar 

  5. Lloyd, S.: Understanding certification path construction. PKI Forum, 1–14 (September 2002)

    Google Scholar 

  6. Russell, S., Dawson, E., Okamoto, E., Lopez, J.: Virtual certificates and synthetic certificates: new paradigms for improving public key validation. Computer Communications 26(16), 1826–1838 (2003)

    Article  Google Scholar 

  7. Levi, A., Caglayan, M.U., Koc, C.K.: Use of nested certificates for efficient, dynamic, and trust preserving public key infrastructure. ACM Trans. Inf. Syst. Secur. 7(1), 21–59 (2004)

    Article  Google Scholar 

  8. Ferguson, N., Schneier, B.: Practical cryptography. Wiley, Chichester (2003)

    Google Scholar 

  9. Perlman, R., Kaufman, C.: Method of issuance and revocation of certificates of authenticity used in public key networks and other systems. Technical report, United State Patent 5,261,002 (1993)

    Google Scholar 

  10. Cooper, D.A.: A model of certificate revocation. In: ACSAC 1999: Proceedings of the 15th Annual Computer Security Applications Conference, Washington, DC, USA, pp. 256–264. IEEE Computer Society, Los Alamitos (1999)

    Chapter  Google Scholar 

  11. Micali, S.: Efficient certificate revocation. Technical report, Cambridge, MA, USA (1996)

    Google Scholar 

  12. Kocher, P.C.: On certificate revocation and validation. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 172–177. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  13. Cooper, D.A.: A more efficient use of delta-crls. In: SP 2000: Proceedings of the 2000 IEEE Symposium on Security and Privacy, Washington, DC, USA, p. 190. IEEE Computer Society, Los Alamitos (2000)

    Chapter  Google Scholar 

  14. Naor, M., Nissim, K.: Certificate revocation and certificate update. IEEE Journal on Selected Areas in Communications 18(4), 561–570 (2000)

    Article  Google Scholar 

  15. Gassko, I., Gemmell, P., MacKenzie, P.D.: Efficient and fresh cerification. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 342–353. Springer, Heidelberg (2000)

    Google Scholar 

  16. Rivest, R.L.: Can we eliminate certificate revocations lists? In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 178–183. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  17. Adams, C., Lloyd, S.: Understanding PKI: Concepts, Standards, and Deployment Considerations. Addison-Wesley Longman Publishing Co, Boston (2002)

    Google Scholar 

  18. Micali, S.: NOVOMODO: Scalable Certificate Validation and Simplified PKI Management. In: Proceedings of the 1st Annual PKI Research Workshop, NIST, Gaithersburg MD, USA (April 2002)

    Google Scholar 

  19. Mills, D.: Network Time Protocol (Version 3) Specification, Implementation and Analysis. RFC 1305 (Draft Standard) (March 1992)

    Google Scholar 

  20. Haber, S., Stornetta, W.S.: How to time-stamp a digital document. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 437–455. Springer, Heidelberg (1991)

    Google Scholar 

  21. Zheng, P.: Tradeoffs in certificate revocation schemes. SIGCOMM Comput. Commun. Rev. 33(2), 103–112 (2003)

    Article  Google Scholar 

  22. Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. RFC 2560 (Proposed Standard) (June 1999)

    Google Scholar 

  23. McDaniel, P., Rubin, A.D.: A response to can we eliminate certificate revocation lists? In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 245–258. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Laboratório de Segurança em Computação (LabSEC), Universidade Federal de Santa Catarina (UFSC), Caixa Postal 476, 88040-900, Florianópolis, SC, Brasil

    Ricardo Felipe Custódio, Martín A. Gagliotti Vigil & Juliano Romani

  2. Programa de Ps-Graduação em Engenharia Elétrica, Universidade Federal de Santa Catarina (UFSC),  

    Fernando Carlos Pereira & Joni da Silva Fraga

Authors
  1. Ricardo Felipe Custódio
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Martín A. Gagliotti Vigil
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Juliano Romani
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Fernando Carlos Pereira
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Joni da Silva Fraga
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Stig F. Mjølsnes Sjouke Mauw Sokratis K. Katsikas

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Custódio, R.F., Vigil, M.A.G., Romani, J., Pereira, F.C., da Silva Fraga, J. (2008). Optimized Certificates – A New Proposal for Efficient Electronic Document Signature Validation. In: Mjølsnes, S.F., Mauw, S., Katsikas, S.K. (eds) Public Key Infrastructure. EuroPKI 2008. Lecture Notes in Computer Science, vol 5057. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69485-4_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-69485-4_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69484-7

  • Online ISBN: 978-3-540-69485-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics