The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme. In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Satoshi KOGA, Kouichi SAKURAI, "Proposal and Analysis of a Distributed Online Certificate Status Protocol with Low Communication Cost" in IEICE TRANSACTIONS on Fundamentals,
vol. E88-A, no. 1, pp. 247-254, January 2005, doi: 10.1093/ietfec/e88-a.1.247.
Abstract: The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme. In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1093/ietfec/e88-a.1.247/_p
Copy
@ARTICLE{e88-a_1_247,
author={Satoshi KOGA, Kouichi SAKURAI, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Proposal and Analysis of a Distributed Online Certificate Status Protocol with Low Communication Cost},
year={2005},
volume={E88-A},
number={1},
pages={247-254},
abstract={The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme. In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.},
keywords={},
doi={10.1093/ietfec/e88-a.1.247},
ISSN={},
month={January},}
Copy
TY - JOUR
TI - Proposal and Analysis of a Distributed Online Certificate Status Protocol with Low Communication Cost
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 247
EP - 254
AU - Satoshi KOGA
AU - Kouichi SAKURAI
PY - 2005
DO - 10.1093/ietfec/e88-a.1.247
JO - IEICE TRANSACTIONS on Fundamentals
SN -
VL - E88-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2005
AB - The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme. In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.
ER -