15th Annual Computer Security Applications Conference
December 6-10, 1999
Phoenix, Arizona

Fast Checking of Individual Certificate Revocation on Small Systems

Selwyn Russell, selwyn@sky.fit.qut.edu.au
Information Security Research Centre
School of Data Communications
Faculty of Information Technology
Queensland University of Technology
2 George Street, Brisbane, Australia

High security network transactions require the checking of the revocation status of public key certificates. On mobile systems this may lead to excessive delays and unacceptable performance. This paper examines small system requirements and options with a view to improving performance. It is shown that the use of keyed hash functions (message authentication codes) with a pre-registration option reduces network latency and allows stateless servers.