Journal of Information Security and Cryptography (Enigma)

This paper presents a scheme for revoking certificates in a medium-small size semi-ad hoc military network, but the solution can be applied in the civilian side e.g. by police and crisis management. It describes the functionalities of a protocol to handle certificates, a set of policy rules in a node for handling certificates and an analysis how the proposed mechanisms can mitigate attacks on the certificate revocation solution. The mechanisms allows communication between the nodes on a lower security level even if the latest certificate revocation list is not available; protects against false revocations of certificates; and implements a mechanism for lowering trust levels of certificates. 

M. Naor and K. Nissim, Certificate Revocation and Certificate Update, IEEE J. on Selected Areas Comm., Vol. 18, No. 4, pp. 561-570, 2000.

P. Kocher, On certificate revocation and validation,” in Financial Cryptography-FC’98, Lecture Notes in Computer Science, Berlin, Springer-Verlag, pp. 172-177, 1998.

S. Micali, Efficient certificate revocation, Tech. Memo MIT/LCS/TM- 542b, 1996.

M.E. Nowatkowski and H.L. Owen, Certificate Revocation List Distribution in VANETs Using Most Pieces Broadcast, Proc. IEEE SoutheastCon 2010, pp. 238-241, 18-21. March 2010.

J. J. Haas, Y-C. Hu, and K. P. Laberteaux, Efficient Certificate Revocation List Organization and Distribution, IEEE J. on Selected Areas Comm. Vol. 29, No. 3, March 2011.

C. B. Popescu, B. Crispo, and A. S. Tanenbaum, A Certificate Revocation Scheme for a Large-Scale Highly Replicated Distributed System, Proc. 8th IEEE International Symposium on Computers and Communication (ISCC ́03), 2003.

B-H. Li, Y-B. Hou, and Y-L. Zhao, A Scalable Scheme for Certificate Revocation, Proc. 4th International Conf. on Machine Learning and Cybernetics, Guangzhou, 18-21, pp. 3852-3856, Aug. 2005.

J. Li, Y. Zhu, H. Pan, and S. Liu, A Distributed Certificate Scheme Based on One-Way Hash Chain for Wireless Ad Hoc Networks, Mobile Technology, Applications and Systems, 2nd International Conference, 2005.

H. Luo, J. Kong, P. Zerfos, S. Lu, and L. Zhang, URSA: Ubiquitous and Robust Access Control for Mobile Ad Hoc Networks, IEEE/ACM Tr. on Networking, Vol. 12, No. 6, Dec. 2004.

S. Chinni, J. Thomas, G. Ghinea, and Z. Shen, Trust model for certificate revocation in ad hoc networks, Ad Hoc networks, No. 6, pp. 441-457, 2008.

J. Clulow and T. More, Suicide for the Common Good. a New Strategy for Credential revocation in Self-Organizing Systems, AMCSIGOPS Operating Systems reviews, vol. 40,no. 3, pp. 18-21, Jul. 2007.

W. Liu, H. Nishiyama, N. Ansari, and H. Kato, A Study on Certificate revocation in Mobile Ad Hoc Networks, Proc. IEEE ICC 2011. 2011.

K. K. Chauhan, and S. Tapaswi, A Secure Key Management System in Group Structured Mobile Ad Hoc Networks, Proc. WCNIS, pp. 307-311, 25-27 June 2010.

G. Arboit, C. Crepeau, C.R. Davis, and M. Maheswaran, A localized certificate revocation scheme for mobile ad hoc networks, Ad Hoc Networks, No. 6, pp. 17-31, 2008.

Y. Kitada, A. Watanabe, and I. Sasase, On demand distributed public key management for wireless ad hoc networks, Communication, Computers and Signal Processing, 2005. PA CRI M. 2005 IEEE Pacific Rim. Conf. 24-26, pp. 454-457, Aug. 2005

M. C, Morogan and S. Muftic, Certificate Management in Ad Hoc Networks, IEEE Database, 2002.

R.KohlasandU.Mauer,ReasoningAboutPublic-KeyCertification:On Bindings Between Entities and Public Keys, IEEE J. on Selected Areas Comm., Vol. 18, No. 4, pp. 551-560, 2000.

C. Candolin and H. H. Kari, Distributing incomplete trust in wireless ad hoc networks, Proc. IEEE SoutheastCon, pp. 68-73, 2003.

P. Pan; B. Prabhakar and K. Psounis, CHOKe: A stateless AQM scheme for approximating fair bandwidth allocation, Proc. IEEE INFOCOM, Mar. 2000.