‹#›
VII CONSORTIUM
Efficient Revocation: LAs
ŘEach
OBE will receive thousands of certificates
per year
-Traditional
revocation (include each certificate identifier
in CRL) impossible: huge CRLs
ŘInclude
a “Linkage ID” in each certificate
-Basically an
decrypted identifier
-To revoke: include
decryption key on CRL
-Smart design:
publishing decryption key on CRL
allows OBEs to derive any future Linkage
ID but no past Linkage ID