1-1hit |
The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme. In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.