| 基于单向散列链的公钥证书撤销机制 |
| |
| 引用本文: | 李景峰,潘恒,祝跃飞.基于单向散列链的公钥证书撤销机制[J].小型微型计算机系统,2006,27(4):642-645. |
| |
| 作者姓名: | 李景峰 潘恒 祝跃飞 |
| |
| 作者单位: | 1. 信息工程大学,信息工程学院,计算机与网络工程系,河南,郑州,450002;信息工程大学,电子技术学院,河南,郑州,450004
2. 信息工程大学,信息工程学院,计算机与网络工程系,河南,郑州,450002 |
| |
| 基金项目: | 国家重点基础研究发展计划(973计划);中国科学院资助项目;河南省杰出青年科学基金 |
| |
| 摘 要: | 证书撤销是公钥基础设施(PKI,Public Key Infrastructure)研究和应用的难点问题.本文首先讨论了当前应用最广泛的两类证书撤销机制一证书撤销列表(CRL,Certificate Revocation List)和在线证书状态罅议(OCSP,Online Certificate Status Protocol),剖析了这两种机制各自存在自的不足.在此基础上,提出了一种基于单向散列链的证书撤销机制.
|
| 关 键 词: | 单向散列链 公钥证书 证书撤销 |
| 文章编号: | 1000-1220(2006)04-0642-04 |
| 收稿时间: | 12 7 2004 12:00AM |
| 修稿时间: | 2004-12-07 |
New Public Key Certificate Revocation Scheme Based on One-way Hash Chain |
| |
| LI Jing-feng,PAN Heng,ZHU Yue-fei.New Public Key Certificate Revocation Scheme Based on One-way Hash Chain[J].Mini-micro Systems,2006,27(4):642-645. |
| |
| Authors: | LI Jing-feng PAN Heng ZHU Yue-fei |
| |
| Affiliation: | 1 Network Engineering Department of Information Engineering University,Zhengzhou 450002. China;2 Electronic Technology Institute, Information Engineering University. Zhengzhou 450004. China |
| |
| Abstract: | Certificate revocation is always a difficult problem of research and application of public key infrastructure(PKI). In this paper reviewsed two main schemes to implement certificate revocation, that is, Certificate Revocation Lists(CRL) and Online Certificate Status Protocol(OCSP). The working principles of these schemes were described, and the disadvantages of each scheme were also analyzed in some details. According to such discussion, a new certificate revocation scheme based on one-way hash chain is presented. |
| |
| Keywords: | one-way hash chain public key certificate certificate revocation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
