본문 바로가기
  • Home

Problems of certificate status validation methods using hash chain and their countermeasure

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2008, 13(1), pp.161-168
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science

Hyun-Joong Kang 1 안정희 2

1서일대학
2두원공과대학

Accredited

ABSTRACT

As the authentication and the integrity methods based on the hash chain are popular, several certificate status validation methods based on the same function are proposed at the moment. In NOVOMODO, a CA generates and releases the hash value to each user. In Jianying Zhou’s framework and Jong-Phil Yang’s framework, a user generates and releases the hash value to verifier. Therefore, the CA loads are distributed to each user. However, these frameworks are based on the assumption that the CA’s secret key is not lost or compromised and the certificates issued by the CA are error-free. Therefore, these frameworks are not suitable in real PKI environments. In this paper, as one hash value generated by CA is included in the user’s certificate in addition, the certificate revocation published by CA using that value can be managed. The hash value included in user’s certificate is the same for all users. The computation costs, the storage amounts and the release costs are small in the CA. And we modify the procedure for the signature and its validation in Jong-Phil Yang’s framework. Our solution is more suitable than those frameworks in real PKI environments.

Citation status

* References for papers published after 2022 are currently being built.