摘要
文献《在线证书状态协议的改进及应用》[1]提出了一个基于OCSP(Online Certificate Status Protocol,在线证书状态协议)查询的数字签名验证应用方案,这个方案的安全性与可行性是值得商榷的。该文给出了一种攻击方法,并分析了其中的几个问题及问题产生的根源;最后给出了一种解决方案。
In the paper Improvement and Application of Online Certificate Status Protocol, an application model based on OCSP (Online Certificate Status Protocol) query on validating digital signature is presented; however, its security and feasibility deserve to be deliberated. In this paper, an attack method to that application model is put forward, and some problems on that application model are brought forwards, and then the origin of these problems is analyzed in detail. At the end of this paper, a solution to these problems is presented.
出处
《计算机工程》
EI
CAS
CSCD
北大核心
2005年第1期50-52,共3页
Computer Engineering
基金
国家重点基础研究发展规划资助项目(G1999035810)
国家自然科学基金资助项目(60083007)
