MBS-OCSP: an OCSP based certificate revocation system for wireless environments

Insofar public-key cryptography has been mostly used to provide security for applications that don't have constraints on bandwidth, memory or power. This type of applications (e.g. digital signature applications) or security protocols (e.g. Secure Socket Layer - SSL) typically use X.509 public-key certificates issued in the frame of public key infrastructures (PKIs). For wireless devices, the design of X.509 certificate-based secure applications is still an open issue, mostly due to the storage, network and computation limitations. One important and difficult issue that must be handled is the distribution of the current revocation status of the X.509 certificate toward the mobile client. We propose an improvement of a system (named CPC-OCSP) that is an adaptation of the OCSP protocol, one certificate revocation mechanism largely used nowadays. Our proposal, named MBS-OCSP, makes use of Merkle hash trees and is particularly appropriate for use in wireless environments where the clients are able to cache some of the received information for further re-use. Unlike other proposals, our system is flexible since clients and servers must not agree "in advance" on any parameter used for cache management. Finally, we compare our proposal with the standard revocation mechanisms (CRL and OCSP) and with CPC-OCSP in terms of the computational effort and the message size.

[1]  Moni Naor,et al.  Certificate revocation and certificate update , 1998, IEEE Journal on Selected Areas in Communications.

[2]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.

[3]  Silvio Micali,et al.  On-line/off-line digital signatures , 1996, Journal of Cryptology.

[4]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[5]  Carlisle M. Adams,et al.  X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP , 1999, RFC.

[6]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and CRL Profile , 1999, RFC.

[7]  Michael T. Goodrich,et al.  Implementation of an authenticated dictionary with skip lists and commutative hashing , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[8]  Pascal Urien,et al.  Enhancing WLAN Security by Introducing EAP-TLS Smartcards , 2004, ICWI.

[9]  Adi Shamir,et al.  PayWord and MicroMint: Two Simple Micropayment Schemes , 1996, Security Protocols Workshop.

[10]  Jose L. Muñoz,et al.  Evaluation of certificate revocation policies: OCSP vs. Overissued-CRL , 2002, Proceedings. 13th International Workshop on Database and Expert Systems Applications.

[11]  Paul C. Kocher On Certificate Revocation and Validation , 1998, Financial Cryptography.

[12]  Michael Gertz,et al.  Flexible authentication of XML documents , 2001, CCS '01.