Title: Method for efficiently revoking digital identities
Abstract: In a system using digital identities, such as a public key cryptosystem using public key certificates, each certificate is part of a data revocation structure of tokens maintained by a certification authority (CA). Certificates may then share tokens with other certificates. By updating certain of these tokens periodically to indicate valid (unrevoked and unexpired) certificates, the number of updated records is reduced. Moreover, in response to a status query, a single token is transmitted. This results in a more efficient overall use of both computing and communications network resources.

In one version of the invention, the data revocation structure is a binary tree. Each certificate includes the zero token for each node on its path from leaf to root of the tree. The tree is updated periodically to indicate valid and revoked certificates. This update operation includes a selection process, in which certain nodes are selected for updating, and a token update process, in which the selected nodes are updated. In the selection process, the fewest number of nodes on the binary tree satisfying the following two properties are selected for updating:

1. At least one selected node is on the path from each non-revoked and not-yet-expired digital identity leaf to the root of the tree; and
2. None of the selected nodes is on the path from any revoked or expired digital identity to the root of the tree.

These selected nodes are updated. A token is valid on day i+1 if it has been updated on day i. If on day i+1 a first party A wishes to verify a second party B's public key certificate, party A queries the CA. The CA sends A one of the valid tokens. A's cryptography device receives the token and applies a one-way function, such as a hash function, to this received token a certain number of times to obtain the Dth value. This value is compared to the value on B's certificate.
In a second version of the invention, the data revocation structure is constructed using a more general formulation. Each user's certificate includes a collection of all subsets containing that user. For each of these subsets, there is a chain. The certificate includes the zero token for each chain of each set on the certificate. Similar updating and verification processes are performed using this data revocation structure. In a third embodiment, the updating process is performed incrementally.
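The binary-tree version above, as an added worked example that is not part of the patent text: it assumes SHA-256 as the one-way function, a chain length D of 30 updates, a heap-indexed complete binary tree (root 1, leaves n..2n-1), and models revocation only, treating every leaf as valid unless revoked (expiry is not modelled).

```python
import hashlib

D = 30  # chain length: number of daily updates a certificate can receive (assumed)

def H(b):
    return hashlib.sha256(b).digest()

def chain(seed, k):
    """Apply the one-way function k times: H^k(seed)."""
    for _ in range(k):
        seed = H(seed)
    return seed

class CA:
    """Complete binary tree, heap-indexed: root = 1, leaves = n .. 2n-1 (n a power of two)."""
    def __init__(self, n, master_secret):
        self.n = n
        # one secret chain seed per node, derived from a constructed master secret
        self.seed = {v: H(master_secret + v.to_bytes(4, "big")) for v in range(1, 2 * n)}
        self.revoked = set()

    def path(self, leaf):
        """Nodes on the path from a leaf up to the root."""
        p = []
        while leaf >= 1:
            p.append(leaf)
            leaf //= 2
        return p

    def certificate(self, leaf):
        """Zero token H^D(seed) for every node on the leaf's path; issued with the certificate."""
        return {v: chain(self.seed[v], D) for v in self.path(leaf)}

    def selected_nodes(self):
        """Fewest nodes covering every non-revoked leaf and no revoked leaf:
        the clean nodes whose parent is tainted (or the root, if it is clean)."""
        tainted = {v for leaf in self.revoked for v in self.path(leaf)}
        return [v for v in range(1, 2 * self.n)
                if v not in tainted and (v == 1 or v // 2 in tainted)]

    def update(self, day):
        """Day-i tokens H^(D-i)(seed) for the selected nodes; valid for queries on day i+1."""
        return {v: chain(self.seed[v], D - day) for v in self.selected_nodes()}

    def respond(self, leaf, day):
        """Answer a status query about `leaf` with the single token on its path, or None."""
        tokens = self.update(day)
        for v in self.path(leaf):
            if v in tokens:
                return v, tokens[v]
        return None

def verify(cert, node, token, day):
    """Hash the received token `day` times and compare with the zero token on the certificate."""
    return node in cert and chain(token, day) == cert[node]
```

Revoking one leaf taints its whole path, so the CA updates two nodes instead of the root, and a token replayed on a later day no longer hashes to the certificate's zero token.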
Publication number: US6397329(B1)    Publication date: 2002.05.28
Application number: US19980197392    Filing date: 1998.11.20
Applicant: TELCORDIA TECHNOLOGIES, INC.    Inventors: AIELLO WILLIAM; LODHA SACHIN; OSTROVSKY RAFAIL
Classification: H04L9/32; (IPC1-7): H04L9/00    Main classification: H04L9/32