Design of a certificate revocation platform

Public key cryptography is widely used to provide security services. The PKI is the infrastructure that supports the public key cryptography and the revocation of the certificates implies one of its major costs. Our goal is to introduce a Java platform to test, evaluate and dimension certificate revocation systems. The revocation platform includes our implementations of Overissued CRL, OCSP, CPC-OCSP and AD-MHT to perform the certificate status checking, as well as a simple protocol to perform the revocation requests called SCRP.

[1]  Jose L. Muñoz,et al.  Implementation of an efficient authenticated dictionary for certificate revocation , 2003, Proceedings of the Eighth IEEE Symposium on Computers and Communications. ISCC 2003.

[2]  Moni Naor,et al.  Certificate revocation and certificate update , 1998, IEEE Journal on Selected Areas in Communications.

[3]  David A. Cooper,et al.  A model of certificate revocation , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[4]  Paul C. Kocher On Certificate Revocation and Validation , 1998, Financial Cryptography.

[5]  S. Micali,et al.  NOVOMODO : Scalable Certificate Validation and Simplified PKI Management , 2002 .

[6]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[7]  Petra Wohlmacher,et al.  Digital certificates: a survey of revocation methods , 2000, MULTIMEDIA '00.