CryptoDB
Simple and Flexible Private Revocation Checking
Authors: | |
---|---|
Download: | |
Abstract: | Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners. Although a certificate usually includes an expiration time, it is not uncommon that a certificate needs to be revoked prematurely. For this reason, whenever a client (user or program) needs to assert the validity of another partys certificate, it performs revocation checking. There are many revocation techniques varying in both the operational model and underlying data structures. One common feature is that a client typically contacts an on-line third party (trusted, untrusted or semi-trusted), identifies the certificate of interest and obtains some form of a proof of either revocation or validity (non-revocation) for the certificate in question. While useful, revocation checking can leak potentially sensitive information. In particular, third parties of dubious trustworthiness discover two things: (1) the identity of the party posing the query, as well as (2) the target of the query. The former can be easily remedied with techniques such as onion routing or anonymous web browsing. Whereas, hiding the target of the query is not as obvious. Arguably, a more important loss of privacy results from the third partys ability to tie the source of the revocation check with the querys target. (Since, most likely, the two are about to communicate.) This paper is concerned with the problem of privacy in revocation checking and its contribution is two-fold: it identifies and explores the loss of privacy inherent in current revocation checking, and, it constructs a simple, efficient and flexible privacy-preserving component for one well-known revocation method. |
BibTeX
@misc{eprint-2006-21559, title={Simple and Flexible Private Revocation Checking}, booktitle={IACR Eprint archive}, keywords={cryptographic protocols / privacy-preserving protocols, revocation, implementation}, url={http://eprint.iacr.org/2006/066}, note={ gts@ics.uci.edu 13320 received 20 Feb 2006, last revised 20 Jun 2006}, author={John Solis and Gene Tsudik}, year=2006 }