Efficient user revocation for privacy-aware PKI

Privacy-aware Public Key Infrastructure (PKI) can maintain user access control and yet protect user privacy, which is envisioned as a promising technique in many emerging applications. To justify the applicability of privacy-aware PKI and optimize the performance, it is highly important to ensure the efficiency of handling user revocations. In practice, user revocation can be due to various predictable and unpredictable reasons, e.g., subscription expiration, network access policy violation, group changing, secret key exposure, etc. Both predictable and unpredictable reasons can happen concurrently, which makes the design of efficient user revocation mechanism challenging. In this paper, we study how to achieve optimized user revocation cost with respect to various revocation approaches. We also propose an advanced scheme Delta-RL that ensures an optimized overall performance in terms of communication, computation and storage, as justified by the extensive analysis.

[1]  Lan Nguyen,et al.  Accumulators from Bilinear Pairings and Applications , 2005, CT-RSA.

[2]  Dawn Xiaodong Song,et al.  Quasi-Efficient Revocation in Group Signatures , 2002, Financial Cryptography.

[3]  Jacques Stern,et al.  Efficient Revocation in Group Signatures , 2001, Public Key Cryptography.

[4]  Sheldon M. Ross,et al.  Introduction to Probability Models, Eighth Edition , 1972 .

[5]  David A. Cooper A more efficient use of delta-CRLs , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[6]  Jan Camenisch,et al.  Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials , 2002, CRYPTO.

[7]  Jinhua Guo,et al.  A Group Signature Based Secure and Privacy-Preserving Vehicular Communication Framework , 2007, 2007 Mobile Networking for Vehicular Environments.

[8]  Pin-Han Ho,et al.  GSIS: A Secure and Privacy-Preserving Protocol for Vehicular Communications , 2007, IEEE Transactions on Vehicular Technology.

[9]  Nobuo Funabiki,et al.  Verifier-Local Revocation Group Signature Schemes with Backward Unlinkability from Bilinear Maps , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[10]  Maxim Raya,et al.  The security of vehicular ad hoc networks , 2005, SASN '05.

[11]  Mihir Bellare,et al.  Foundations of Group Signatures: The Case of Dynamic Groups , 2005, CT-RSA.

[12]  Panagiotis Papadimitratos,et al.  Efficient and robust pseudonymous authentication in VANET , 2007, VANET '07.

[13]  Moni Naor,et al.  Certificate revocation and certificate update , 1998, IEEE Journal on Selected Areas in Communications.

[14]  Ivan Visconti,et al.  An Anonymous Credential System and a Privacy-Aware PKI , 2003, ACISP.

[15]  Peter Desnoyers,et al.  Ultra-low power data storage for sensor networks , 2009, TOSN.

[16]  Hovav Shacham,et al.  Group signatures with verifier-local revocation , 2004, CCS '04.

[17]  Ke Zeng,et al.  Pseudonymous PKI for Ubiquitous Computing , 2006, EuroPKI.

[18]  Sheldon M. Ross,et al.  Introduction to probability models , 1975 .

[19]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.