Related papers: Revocation Statuses on the Internet
The modern Internet is highly dependent on trust communicated via certificates. However, in some cases, certificates become untrusted, and it is necessary to revoke them. In practice, the problem of secure revocation is still open.…
Research in the field of electronic signature confirmation has been active for some 20 years now. Unfortunately present certificate-based solutions also come from that age when no-one knew about online data transmission. The official…
The ability to quickly revoke a compromised key is critical to the security of any public-key infrastructure. Regrettably, most traditional certificate revocation schemes suffer from latency, availability, or privacy problems. These…
Like any digital certificate, Verifiable Credentials (VCs) require a way to revoke them in case of an error or key compromise. Existing solutions for VC revocation, most prominently Bitstring Status List, are not viable for many use cases…
In a public-key infrastructure (PKI), clients must have an efficient and secure way to determine whether a certificate was revoked (by an entity considered as legitimate to do so), while preserving user privacy. A few certification…
Although TLS is used on a daily basis by many critical applications, the public-key infrastructure that it relies on still lacks an adequate revocation mechanism. An ideal revocation mechanism should be inexpensive, efficient, secure, and…
The successful deployment of safe and trustworthy Connected and Autonomous Vehicles (CAVs) will highly depend on the ability to devise robust and effective security solutions to resist sophisticated cyber attacks and patch up critical…
Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting malicious websites if they are provisioned with mistakenly issued certificates or certificates…
Electronic documents are signed using private keys and verified using the corresponding digital certificates through the well-known public key infrastructure model. Private keys must be kept in a safe container so they can be reused. This…
Hsu et al. (2022) proposed a cryptographic scheme within the public key infrastructure to bolster the security of smart grid meters. Their proposal involved developing the Certificate Management over CMS mechanism to establish Simple…
The efficiency of checking certificate status is one of the key indicators in the public key infrastructure (PKI). This prompted researchers to design the Online Certificate Status Protocol (OCSP) standard, defined in RFC 6960, to guide…
Flawed TLS certificates are not uncommon on the Internet. While they signal a potential issue, in most cases they have benign causes (e.g., misconfiguration or even deliberate deployment). This adds fuzziness to the decision on whether to…
This report surveys different PKI technologies such as PKIX and SPKI and the issues of PKI that affect scalability. Much focus is spent on certificate revocation methodologies and status verification systems such as CRLs, Delta-CRLs, CRS,…
Public Key Infrastructures (PKIs) with their trusted Certificate Authorities (CAs) provide the trust backbone for the Internet: CAs sign certificates which prove the identity of servers, applications, or users. To be trusted by operating…
The level of trust accorded to certification authorities has been decreasing over the last few years as several cases of misbehavior and compromise have been observed. Log-based approaches, such as Certificate Transparency, ensure that…
In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs). The main challenges lie exactly in (i) crafting an efficient and timely distribution of…
In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs). The main challenges lie exactly in (i) crafting an efficient and timely distribution of…
Systems managing Verifiable Credentials are becoming increasingly popular. Unfortunately, their support for revoking previously issued credentials allows verifiers to effectively monitor the validity of the credentials, which is sensitive…
The GDPR requires websites to facilitate the right to revoke consent from Web users. While numerous studies measured compliance of consent with the various consent requirements, no prior work has studied consent revocation on the Web.…
We address the challenging problem of efficient trust establishment in constrained networks, i.e., networks that are composed of a large and dynamic set of (possibly heterogeneous) devices with limited bandwidth, connectivity, storage, and…