Logo Logo
Help
Contact
Switch Language to German
Beck, Michael Till; Krenn, Stephan; Preiss, Franz-Stefan; Samelin, Kai (2016): Practical Signing-Right Revocation. In: Trust and Trustworthy Computing: 9th International Conference, TRUST 2016, Vienna, Austria, August 29-30, 2016, Proceedings. Security and Cryptology, Vol. 9824. Cham: Springer. pp. 21-39
Full text not available from 'Open Access LMU'.

Abstract

One of the key features that must be supported by every modern PKI is an efficient way to determine (at verification) whether the signing key had been revoked. In most solutions, the verifier periodically contacts the certificate authority (CA) to obtain a list of blacklisted, or whitelisted, certificates. In the worst case this has to be done for every signature verification. Besides the computational costs of verification, after revocation all signatures under the revoked key become invalid. In the solution by Boneh et al. at USENIX ' 01, the CA holds a share of the private signing key and contributes to the signature generation. After revocation, the CA simply denies its participation in the interactive signing protocol. Thus, the revoked user can no longer generate valid signatures. We extend this solution to also cover privacy, non-trusted setups, and time-stamps. We give a formal definitional framework, and provide elegantly simple, yet provably secure, instantiations from efficient standard building blocks such as digital signatures, commitments, and partially blind signatures. Finally, we propose extensions to our scheme.