期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于二次剩余问题的证书撤销方案 被引量:1

A Certificate Revocation Scheme Based on Quadratic Residues Problem
下载PDF
导出
摘要 证书撤销状态发布是PK I一个最为关键的环节.评价一个证书撤销状态发布方案的指标主要包含证书状态发布通信量、发布的实时性、访问平稳性、目录服务器安全要求、状态验证计算复杂度等五个方面.在对目前已有证书状态发布方案分析的基础上,本文提出基于二次剩余难解问题的证书撤销状态发布方案.该方案在状态发布的实时性、发布数据通信量、访问发生平稳性、对目录服务器的安全要求等方面都有十分理想的效果,其计算复杂度也小于OCSP、CRT和CRL. The revocation of certificates is very important to PKI. The sticking points that influence a certificate revocation scheme heavily are the traffic for distribution of certificate status, the time the CA spent to flush those status to directory, whether the access to directory comes on smoothly, whether there is a strict requirement on the security of the directory, and computation complexity of status verification. Following the analysis of the existing certificate revocation schemes, we propose a new certificate revocation scheme based the difficulty of resolving the Quadratic Residues problem. This new scheme is good at the traffic needed to distribution the status, the time to flush the status to the directory and also good at the smoothness of access of users to the directory, and requires nothing about the security of the directory. And then we show that this new scheme has lower computation complexity than that of OCSP, CRL and CRT.
作者 唐三平 赵娟 陶然
机构地区 北京理工大学电子工程系
出处 《电子学报》 EI CAS CSCD 北大核心 2006年第4期583-586,共4页 Acta Electronica Sinica
基金 国家863高技术发展计划(No.2003AA142121)
关键词 证书撤销状态 证书撤销 目录服务器 数字签名 计算复杂度 revocation status of certificate certificate revocation directory digital signature computation complexity
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献11

  • 1Silvio Micali. Enhanced certificate revocation system[ DB/OL]. http://www. lcs. mit. edu/publications/pubs/pdf/MIT-LCS-TM-542.pdf, 1995 -08.
  • 2Carl A. Gunter. Generalized certificate revocation [ DB/OL]. http ://www. research.att. com/-trevor/papers/popl2000.pdf. 2000 - 01 - 05.
  • 3Jose L. Mutoz-Tapia, Jordi Forne-Mutoz. CPC-OCSP: an adaptation of OCSP for m-Commerce [ DB/OL ].http://isg. upc. es/cervantes/papers/data/upgrade02.pdf, 2002-12.
  • 4David A Cooper. CRL modeling [ Z ]. NIST, 1998 - 09-10.
  • 5David A Cooper. A model of certificate revocation [ A ].Proceedings of the Fifteenth Annual Computer Security Applications Conference [ C ]. Washington, DC: IEEE Computer Society ,1999.256 -264.
  • 6David A Cooper. A more efficient use of Delta-CRLs[A]. Proceedings of the 2000 IEEE Symposium on Security and Privacy[C]. Washington DC: IEEE Computer Society ,2000.190 -202.
  • 7Naor M, Nissim K. Certificate revocation and certificate update[J]. IEEE Journal on Selected Areas in Communications, 2000,18 ( 4 ) : 561 - 570.
  • 8Gaurav Jain. Certificate revocation : a survey [ DB/OL ].http://www.cis. upenn.edu/- jaing/papers/revocation. pdf,2000.
  • 9卢开澄.计算机密码学(第2版)[M].北京:清华大学出版社,1998..
  • 10Munoz J L, Forne J, Castro J C. Evaluation of certificate revocation policies: OCSP vs. overissued-CRL [ A ]. Proceedings 13th International Workshop on Database and Expert Systems Applications [ C ]. Washington , DC:IEEE Computer Society,2002. 511 -515.

共引文献5

引证文献1

电子学报
2006年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部