| Summary: | 碩士 === 國立東華大學 === 資訊工程學系 === 92 ===
Technically, PKI was based on the public key cryptography and combined the digital certificate technique, in order to provide security features on networks, such as confidentiality, integrity, authentication and non-repudiation. Before accepting a certificate, relying parties need to check the revoked information whether the certificate is valid or revoked. However, due to various reasons, the certificate may be revoked before expiration. Hence, timely certificate revocation information is one of the major concerning in PKI. In addition, when considering the requirements of e-commerce communities and all the internet users, especially the mobile client, we also have to take the efficiency (update cost and query cost) into account. Furthermore, the revocation information structure produced by trust party also needs to resist the malicious tampering. As a result, a certificate revocation checking scheme with timeliness, efficiency and security is a primary task recently.
In this thesis, we propose a certificate revocation scheme based on the Huffman hash tree for revocation information checking. We integrate the binary hash tree with Huffman tree structure to reduce the query cost. Our proposed scheme is approved by both theoretical analyses and simulated results. We compared to several previous certificate revocation schemes, our schemes satisfy the security requirement and achieve the efficiencies of update and query.
|
|---|
