作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2007, Vol. 33 ›› Issue (12): 169-171. doi: 10.3969/j.issn.1000-3428.2007.12.059

• 安全技术 • 上一篇    下一篇

一种新型的证书撤销列表

牟 颖1,2,全太锋3,袁 丁2   

  1. (1. 重庆师范大学物理学与信息技术学院,重庆 400047;2. 四川师范大学计算机科学学院,成都 610068;3. 重庆通信学院,重庆 400035)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-06-20 发布日期:2007-06-20

New Certificate Revocation List

MOU Ying1,2, QUAN Taifeng3, YUAN Ding2   

  1. (1. College of Physics and Information Technology, Chongqing Normal University, Chongqing 400047; 2. College of Computer Science, Sichuan Normal University, Chengdu 610068; 3. Chongqing Communication Institute, Chongqing 400035)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-06-20 Published:2007-06-20

摘要: 对证书撤销机制进行了研究。指出基于有序顺序表的证书撤销列表方案的不足,提出一种基于二叉排序树的CRL方案。通过分析表明,该方案与传统CRL相比,能够减少证书用户查找撤销证书的平均查询次数,克服了顺序CRL在更新时移动记录的缺点,优化了系统性能,且方案易于实现。

关键词: 公钥基础设施, 证书撤销列表, 二叉排序树

Abstract: This paper discusses certificate revocation list (CRL). A CRL based on schedule storage is not perfect and it proposes a new CRL based on binary sorted tree. Compared to other methods, the new method can reduce the average search length that the certificate user looks for the revocative certificate compared with traditional CRL. It is capable of avoiding the disadvantage of the improved CRL that any update will cause the move of the records, and it optimizes the performance of the certificate revocation system. The scheme is easy to be realized.

Key words: Public key infrastructure (PKI), Certificate revocation list (CRL), Binary sorted tree

中图分类号: