TY - GEN
T1 - A Novel Optimized Encoding Approach for Certificate Revocation
AU - Premont, Arthur
AU - Afifi, Hossam
AU - Moungla, Hassine
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025/1/1
Y1 - 2025/1/1
N2 - One of the goals of a PKI (Public Key Infrastructure), which is ubiquitous in our systems and networks, is to be able to create a trusted association - represented by a certificate - between a public key and an entity; It is however, of the same importance, to be able to revoke this trust. A major challenge is to efficiently share the revocations that took place. Two existing and widely used methods are presented: certificate revocation lists (CRLs) and the Online Certificate Status Protocol (OCSP). Both mechanisms can be optimized but have limitations, especially due to their cumbersome nature. In this article, a new encoding scheme (LightyCoding) is proposed, which is no longer based on the historical ASN.1 standard, and which offers a lightweight structure and improved performance. We describe its structure and functioning before proceeding with tests. The results are a significant reduction in CRL size of around 50% for most uses and 30% for OCSP, but still containing the same useful data as an ASN.1-encoded revocation. We also describe techniques implemented in our encoding to ensure frontand backward-compatibility, facilitating integration and use.
AB - One of the goals of a PKI (Public Key Infrastructure), which is ubiquitous in our systems and networks, is to be able to create a trusted association - represented by a certificate - between a public key and an entity; It is however, of the same importance, to be able to revoke this trust. A major challenge is to efficiently share the revocations that took place. Two existing and widely used methods are presented: certificate revocation lists (CRLs) and the Online Certificate Status Protocol (OCSP). Both mechanisms can be optimized but have limitations, especially due to their cumbersome nature. In this article, a new encoding scheme (LightyCoding) is proposed, which is no longer based on the historical ASN.1 standard, and which offers a lightweight structure and improved performance. We describe its structure and functioning before proceeding with tests. The results are a significant reduction in CRL size of around 50% for most uses and 30% for OCSP, but still containing the same useful data as an ASN.1-encoded revocation. We also describe techniques implemented in our encoding to ensure frontand backward-compatibility, facilitating integration and use.
UR - https://www.scopus.com/pages/publications/105018475576
U2 - 10.1109/ICC52391.2025.11161161
DO - 10.1109/ICC52391.2025.11161161
M3 - Conference contribution
AN - SCOPUS:105018475576
T3 - IEEE International Conference on Communications
SP - 6536
EP - 6541
BT - ICC 2025 - IEEE International Conference on Communications
A2 - Valenti, Matthew
A2 - Reed, David
A2 - Torres, Melissa
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2025 IEEE International Conference on Communications, ICC 2025
Y2 - 8 June 2025 through 12 June 2025
ER -