A distributed online certificate status protocol with a single public key

Satoshi Koga, Kouichi Sakurai

Research output: Contribution to journal › Article

6 Citations (Scopus)

Abstract

Public Key Infrastructure (PKI) technology is very important for supporting secure global electronic commerce and digital communications on networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in PKI. To minimize the damage caused by exposure of an OCSP responder's private key, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key, using a key-insulated signature scheme [6]. In the proposed distributed OCSP, each responder has a different private key, but the corresponding public key remains fixed, so the client simply obtains and stores one certificate and can verify any response using a single public key.

Original language: English
Pages (from-to): 389-401
Number of pages: 13
Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 2947
Publication status: Published - Dec 1 2004

Fingerprint

Electronic commerce
Public key
Certificate
Communication
Public Key Infrastructure
Revocation
Signature Scheme
Damage
Verify
Minimise

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

@article{d467242c1e5c42f9b7b71b0ec978de7b,
title = "A distributed online certificate status protocol with a single public key",
abstract = "The Public Key Infrastructure (PKI) technology is very important to support secure global electronic commerce and digital communications on networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme [6]. In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed, so the client simply obtains and stores one certificate and can verify any responses by using a single public key.",
author = "Satoshi Koga and Kouichi Sakurai",
year = "2004",
month = "12",
day = "1",
language = "English",
volume = "2947",
pages = "389--401",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",
publisher = "Springer Verlag",
}

TY - JOUR

T1 - A distributed online certificate status protocol with a single public key

AU - Koga, Satoshi

AU - Sakurai, Kouichi

PY - 2004/12/1

Y1 - 2004/12/1

N2 - The Public Key Infrastructure (PKI) technology is very important to support secure global electronic commerce and digital communications on networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme [6]. In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed, so the client simply obtains and stores one certificate and can verify any responses by using a single public key.

UR - http://www.scopus.com/inward/record.url?scp=27544438470&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=27544438470&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:27544438470

VL - 2947

SP - 389

EP - 401

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

ER -