Paper 2009/121

Optimized Public Key Infrastructure -- A PKI to Support Efficient Document's Signatures

Martín Augusto Gagliotti Vigil, Ricardo Felipe Custódio, Nelson da Silva, and Ricardo Moraes


Optimized Public Key Infrastructures are traditional PKI in which end users may optimize the signatures of their documents, replacing the signer's validation data with Optimized Certificates (OC). OCs carry the signer's identification and public key, but are issued for a specific time, i.e., fields notBefore and notAfter have the same value, thus there are no reasons to revoke them. The OC's certification path is supposed to be shorter and uses Micali's revocation scheme. Furthermore, OCs include signed document's hashcodes, working also as time-stamps. Therefore, OCs are useful to replace signed document's validation data by one smaller and easier to verify. Finally, when OCs become invalid due to cryptographic algorithm weakness and limits in the validity periods of their certificate chains, they can be easily replaced by new ones, thus this proposal is suitable for efficient long term archiving.

Note: This work brings a full revision of a previous paper about Optimized Certificates which was published at the Proceedings of the 5th European PKI workshop on Public Key Infrastructure. Thus, Optimized Certificate's idea has been rewritten in order to make it clear, an unnoticed wrong deployment of Micali Novomodo proofs embedded in self-verifiable document way has been bypassed and some new novelties has been added.

Available format(s)
-- withdrawn --
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
optimized certification pathdigital signaturesPKI
Contact author(s)
gagliotti @ gmail com
2009-07-22: withdrawn
2009-03-15: received
See all versions
Short URL
Creative Commons Attribution
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.