A CRL (Certificate Revocation List) defined in X.509 is currently used for certificate revocation. There are some issues of CRL including a high communication cost and a low latency for update. To solve the issues, there are many proposals including CRT (Certificate Revocation Tree), Authenticated Dictionary, and Delta List. In this paper, we study CRT using k-valued hash tree. To estimate the optimal value of k, we examined the overhead of computation and the communication cost. We also discuss when a CRT should be reduced by eliminating unnecessary entries that are already expired.
展开▼