Information Technology Reference
In-Depth Information
A Certificate Status Checking Protocol
for the Authenticated Dictionary
Jose L. Munoz, Jordi Forne, Oscar Esparza, and Miguel Soriano
Technical University of Catalonia, Telematics Engineering Department
1-3 Jordi Girona, C3 08034 Barcelona, Spain
jose.munoz,jordi.forne,oscar.esparza,soriano@entel.upc.es
Abstract.
Public-key cryptography is widely used to secure transac-
tions among distributed systems and the Public Key Infrastructure (PKI)
is the infrastructure that allows to securely deliver the public keys to
these systems. The public key delivery is usually performed by way of
a digital document called certificate. Digital certificates have a limited
life-time and the revocation is the mechanism under which a certificate
can be invalidated prior to its expiration. The certificate revocation is
one of the most costly mechanisms in the whole PKI and the goal of
this paper is to present a detailed explanation of a certificate status
checking protocol for an ecient revocation system based on the data
structures proposed by Naor and Nissim in their Authenticated Dictio-
nary (AD) [11]. This paper also addresses important aspects associated
with the response verification that were beyond the scope of the original
AD specification.
1
Introduction
In open distributed systems it is needed an effective way of providing the basic
security services such as user authentication, access control, confidentiality, in-
formation integrity and non repudiation. The public-key cryptography is widely
used to provide these services. In public key cryptography, a couple of keys is
used, one is public (i.e. known by everybody) and the other is private (i.e. se-
cret). The public key is usually made public by way of a digital document called
certificate. A certificate is valid because it is digitally signed by a Trusted Third
Party (TTP) called “issuer”. Actually, any data with a digital signature can be
considered a certificate, but the most widely employed is the Identity Certificate
(IC), whose main function is binding a public key with an identity. An IC usually
includes the following data: holder's public key, activation date, expiration date,
serial number, holder's name and issuer's name. Notice that the certificate has a
bounded life-time, i.e. it is not valid prior to the activation date and it is not valid
beyond the expiration date. The TTP that issues the ICs is called Certification
Authority (CA). However, to deal with ICs, not only the CA is necessary, but
This work has been supported by the Spanish Research Council under the project
DISQET (TIC2002-00818).
