Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

How does certificate-based encryption solve key revocation problem? For example,

ID: 649522 • Letter: H

Question

How does certificate-based encryption solve key revocation problem?

For example, if a user accidentally reveals its secret key or an attacker compromises it, the user may request revocation of its certificate. Alternatively, the user's company may request revocation if the user leaves the company or changes position and is no longer entitled to use the key.

My questions are:

How can we do this process in certificate-based encryption and how different is it compared to PKE (that uses CRL or OCSP for certificate revocation)?

In the case of signature, how can a user verify the validity of verification keys? How can the user check whether the key is valid and not revoked?

Explanation / Answer

The revocation status of a certificate is application depended, meaning that if the application under which you perform the encryption or decryption does not check for revocation status with the CA, then you may still proceed and encrypt or decrypt the message. You should consider the loss of a private key of a certificate as a loss of your password in a symmetric encryption environment. The same argument applies to PKE.

The same applies to a signature verifications: a well behaved program should check the revocation list when verifying a signature, but this depends on the application developer interests. I can verify a signature as a valid one in certain programs without consulting a revocation list at all.
You can easily test this, for example, by checking on a signed windows program on a computer that is not connected to the internet (look at the Digital Signature tab in the Properties pop-up dialog box of a signed executible): The digital signature of the program would be reported as OK (if indeed nobody messed with its bits) even though the revocation list has not been consulted.

Related Questions

How does a microscope\'s iris diaphragm lever work like the iris of an eye? ____
Question #3474162
How does a mutation in a somatic cell gene affect a person\'s ability to transmi
Question #13079
How does a mutation in the CFTR gene result in cystic fibrosis? The cells with t
Question #98666
How does a paramecium cope with living in freshwater? Uses its contractile vacuo
Question #48880
How does a partial derivative differ from an ordinary derivative? When should we
Question #3139852
How does a payroll accountant use the information in the General Ledger? (You ma
Question #2509391
How does a payroll accountant use the information in the General Ledger? (You ma
Question #2569641
How does a person become \"charged\" as he or she shuffles across a carpet with
Question #1864094
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
How does bringing the plant online affect your profits? Why? What are your incen
Next
How does change in the expected inflation rate affect the short-run tradeoff bet

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.