Proposal and analysis of a distributed online certificate status protocol with low communication cost

Satoshi Koga, Kouichi Sakurai

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme. [6], In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.

Original languageEnglish
Pages (from-to)247-254
Number of pages8
JournalIEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
VolumeE88-A
Issue number1
DOIs
Publication statusPublished - Jan 2005

Fingerprint

Communication Cost
Electronic commerce
Certificate
Communication
Public key
Costs
Public Key Infrastructure
Revocation
Signature Scheme
Electronic Commerce
Damage
Verify
Minimise

All Science Journal Classification (ASJC) codes

  • Signal Processing
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering
  • Applied Mathematics

Cite this

@article{005790705a0c4f08a440356cdcd54d06,
title = "Proposal and analysis of a distributed online certificate status protocol with low communication cost",
abstract = "The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme. [6], In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.",
author = "Satoshi Koga and Kouichi Sakurai",
year = "2005",
month = "1",
doi = "10.1093/ietfec/E88-A.1.247",
language = "English",
volume = "E88-A",
pages = "247--254",
journal = "IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences",
issn = "0916-8508",
publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",
number = "1",

}

TY - JOUR

T1 - Proposal and analysis of a distributed online certificate status protocol with low communication cost

AU - Koga, Satoshi

AU - Sakurai, Kouichi

PY - 2005/1

Y1 - 2005/1

N2 - The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme. [6], In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.

AB - The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme. [6], In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.

UR - http://www.scopus.com/inward/record.url?scp=27544456887&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=27544456887&partnerID=8YFLogxK

U2 - 10.1093/ietfec/E88-A.1.247

DO - 10.1093/ietfec/E88-A.1.247

M3 - Article

AN - SCOPUS:27544456887

VL - E88-A

SP - 247

EP - 254

JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

SN - 0916-8508

IS - 1

ER -