Revocation of privacy-enhanced public-key certificates

This paper presents a novel protocol for the revocation of privacy-enhanced/anonymous public-key certificates in relation to a protocol for anonymous public-key certificate issuing published previously. Not only can this certificate revocation protocol revoke an anonymous public-key certificate upon a request from its holder, but also automatically revoke any certificate issued directly or indirectly based on the certificate revoked, in an anonymous and accountable manner. In case the private key associated with an anonymous public-key certificate is suspected of having been compromised, the certificate holder can operate the protocol to easily revoke the compromised certificate together with its related ones so as to stop them being abused. The protocol is also assessed with regard to requirements such as accountability and anonymity.