Abstract: This paper presents a distributed certificate revocation scheme for Ad Hoc network. It uses two tables to describe creditability and relationship of network nodes, and one-way Hash chain to authenticate accuse info. It reflects the intensity of complaints accurately and provides protection against certificates being wrongfully revoked through malicious accusations by dynamic updating creditability of the nodes. By introducing subspending certificates, it provides protection against the certificates of good nodes being revoked for accidental misbehavior.

Key words: certificate revocation, Ad Hoc network, Hash chain, creditability

摘要： 提出一种适用于Ad Hoc网络的分布式证书撤销方案。分别使用2张表对网络中节点的信用值和节点间的控诉关系进行描述。采用单向哈希链认证控诉消息，动态更新节点的信用值，精确反映节点的控诉力度，防止恶意控诉引起的错误撤销。引入证书的挂起状态，有效防止因偶然的不良行为而造成的好节点证书撤销的情况。

关键词: 证书撤销, Ad Hoc网络, 哈希链, 信用值

CLC Number: 

• TP309