Public Key Infrastructure (PKI) is increasingly popular as the security infrastructure of choice in corporate information systems and Internet applications. In particular, certi cates are used to distribute public keys associated with the identity of its owner. One of the main concerns associated with PKI is that mechanisms for revocation of certi cates are required. Certi cate Revocation is the action of declaring a certi cate invalid before its validity period is at an end. Investigations of PKI have demonstrated that the traditional means of certi cate revocation are the most expensive part of a PKI system. In response to this problem, several di erent schemes and protocols have been suggested to provide more e cient certi cate revocation. This thesis provides a survey and an analysis of existing schemes for public key certi cate revocation. The analysis includes the traditional certi cate revocation lists, protocols that provide on-line certi cate revocation, as well as revocation systems with reduced data structures. Some techniques for improving the existing schemes are also suggested. Based on the analysis, the di erent schemes are compared in order to highlight advantages and disadvantages. A guideline for using this information in selecting a revocation solution is developed and applied to di erent example scenarios. This thesis is intended to provide a comprehensive background in certi cate revocation as a basis for further research and development in the area, as well as a guide for PKI system developers in need of a certi cate revocation system. i Acknowledgments I want to thank Professor Henk Meijer at the Department of Computing and Information Science at Queen's University for supervising the writing of this thesis and providing essential guidance and feedback. Our weekly meetings have proved very bene cial in the progress of this thesis. Also, I thank Steve Lloyd and Mike Just at Entrust Technologies for providing an opportunity to work with representatives from the leading industry in the eld. They have shown high interest in the project, and they have provided valuable feedback based on their experience and insight in both standardization work and implementations. I acknowledge Entrust Technologies and CITO (Communications and Information Technology Ontario) for the nancial support of this project. Finally, I appreciate the assistance of Associate Professor Svein J. Knapskog at the Department of Telematics at the Norwegian University of Science and Technology. As my home university supervisor, he has been very helpful in providing help with administrative issues, as well as given general advise on my thesis and its progression. ii
[1]
M. Naor,et al.
Certiicate Revocation and Certiicate Update
,
1998
.
[2]
Douglas R. Stinson,et al.
Cryptography: Theory and Practice
,
1995
.
[3]
Charles Adams,et al.
Understanding Public-Key Infra-structure: Concepts, Standards, and Deployment Con-siderations
,
1999
.
[4]
S. Micali.
Eecient Certiicate Revocation
,
1996
.
[5]
Randy Chow,et al.
Distributed Operating Systems & Algorithms
,
1997
.
[6]
Patrick D. McDaniel,et al.
A Response to ''Can We Eliminate Certificate Revocation Lists?''
,
2000,
Financial Cryptography.
[7]
Whitfield Diffie,et al.
New Directions in Cryptography
,
1976,
IEEE Trans. Inf. Theory.
[8]
Warwick Ford,et al.
Secure electronic commerce
,
1997
.
[9]
Charles P. Pfleeger,et al.
Security in computing
,
1988
.
[10]
Ronald L. Rivest,et al.
Can We Eliminate Certificate Revocations Lists?
,
1998,
Financial Cryptography.
[11]
Rafail Ostrovsky,et al.
Fast digital identity revocation
,
1998
.