{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,23]],"date-time":"2026-03-23T14:32:10Z","timestamp":1774276330160,"version":"3.50.1"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030708511","type":"print"},{"value":"9783030708528","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2021,3,3]],"date-time":"2021-03-03T00:00:00Z","timestamp":1614729600000},"content-version":"vor","delay-in-days":61,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Maritime shipping is currently undergoing rapid digitalization, but with increasing exposure to cyber threats, there is a need to improve the security of the ship communication technology used during operations across international waters, as well as close to local shores and in ports. To this aid, there are ongoing standardization efforts for an international maritime Public Key Infrastructure, but the inherent properties of limited connectivity and bandwidth make certificate revocation a problematic affair compared to traditional Internet systems. The main contribution of this paper is an analysis of certificate revocation techniques based on how they fulfil fundamental maritime requirements and simulated usage over time. Our results identify CRLs (with Delta CRLs) and CRLite as the two most promising candidates. Finally, we outline the pros and cons with these two different solutions.<\/jats:p>","DOI":"10.1007\/978-3-030-70852-8_9","type":"book-chapter","created":{"date-parts":[[2021,3,2]],"date-time":"2021-03-02T18:03:19Z","timestamp":1614708199000},"page":"142-157","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["On the Certificate Revocation Problem in the Maritime Sector"],"prefix":"10.1007","author":[{"given":"Guillaume","family":"Bour","sequence":"first","affiliation":[]},{"given":"Karin","family":"Bernsmed","sequence":"additional","affiliation":[]},{"given":"Ravishankar","family":"Borgaonkar","sequence":"additional","affiliation":[]},{"given":"Per H\u00e5kon","family":"Meland","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,3,3]]},"reference":[{"key":"9_CR1","unstructured":"CA:RevocationPlan. https:\/\/wiki.mozilla.org\/CA:RevocationPlan#OneCRL. Accessed on 08 Jun 2020"},{"key":"9_CR2","unstructured":"Certificate transparency. http:\/\/www.certificate-transparency.org\/. Accessed on 08 Jun 2020"},{"key":"9_CR3","unstructured":"CRL Sets. https:\/\/dev.chromium.org\/Home\/chromium-security\/crlsets. Accessed on 08 Jun 2020"},{"key":"9_CR4","unstructured":"Improving revocation: OCSP must-staple and short-lived certificates. https:\/\/blog.mozilla.org\/security\/2015\/11\/23\/improving-revocation-ocsp-must-staple-and-short-lived-certificates\/. Accessed on 08 Jun 2020"},{"key":"9_CR5","unstructured":"The technical specification of VDES. IALA Guideline G1139, Edition 3.0, June 2019"},{"key":"9_CR6","unstructured":"UNCTAD Handbook of Statistics 2019 - Merchant Fleet. https:\/\/stats.unctad.org\/handbook\/MaritimeTransport\/MerchantFleet.html"},{"key":"9_CR7","unstructured":"CySiMS Deliverable D2.2 Using digital signatures in the maritime domain (2017)"},{"key":"9_CR8","unstructured":"Revocation Checking in Firefox (2019). https:\/\/wiki.mozilla.org\/CA\/Revocation_Checking_in_Firefox. Accessed on 08 Jun 2020"},{"key":"9_CR9","unstructured":"Cariou, P., Wolff, F.C.: Do port state control inspections influence flag- and class-hopping phenomena in shipping? Working Papers hal-00455155, HAL, February 2010. https:\/\/ideas.repec.org\/p\/hal\/wpaper\/hal-00455155.html"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) Profile. RFC 5280, May 2008. https:\/\/tools.ietf.org\/html\/rfc5280","DOI":"10.17487\/rfc5280"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"Deacon, A., Hurst, R.: The lightweight online certificate status protocol (OCSP) profile for high-volume environments. RFC 5019 September 2007. https:\/\/tools.ietf.org\/html\/rfc5019","DOI":"10.17487\/rfc5019"},{"key":"9_CR12","unstructured":"Forum, M.C.D.: Identity Management and Cyber Security. IALA Input paper: ENAV19-n.n.n"},{"key":"9_CR13","doi-asserted-by":"crossref","unstructured":"Fr\u00f8ystad, C., Bernsmed, K., Meland, P.H.: Protecting future maritime communication. In: Proceedings of the 12th International Conference on Availability, Reliability and Security, pp. 1\u201310 (2017)","DOI":"10.1145\/3098954.3103169"},{"key":"9_CR14","unstructured":"Holzhauser, K.: An Analysis of Bloom Filter Cascades-CRLite (2020)"},{"key":"9_CR15","unstructured":"Jain, G.: Certificate revocation: a survey (2000). http:\/\/citeseerx.ist.psu.edu\/viewdoc\/download?doi=10.1.1.17.587&rep=rep1&type=pdf"},{"key":"9_CR16","unstructured":"Jones, J.: CRLite: speeding up secure browsing (2020). https:\/\/blog.mozilla.org\/security\/2020\/01\/21\/crlite-part-3-speeding-up-secure-browsing\/. Accessed on 08 Jun 2020"},{"key":"9_CR17","unstructured":"Jones, J.: filter-cascade (2020). https:\/\/github.com\/mozilla\/filter-cascade\/blob\/master\/filtercascade\/. Accessed on 08 Jun 2020"},{"key":"9_CR18","unstructured":"Langley, A.: Revocation checking and Chrome\u2019s CRL (2012). https:\/\/www.imperialviolet.org\/2012\/02\/05\/crlsets.html. Accessed on 08 Jun 2020"},{"key":"9_CR19","doi-asserted-by":"crossref","unstructured":"Larisch, J., Choffnes, D., Levin, D., Maggs, B.M., Mislove, A., Wilson, C.: Crlite: a scalable system for pushing all TLS revocations to all browsers. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 539\u2013556. IEEE (2017)","DOI":"10.1109\/SP.2017.17"},{"issue":"10","key":"9_CR20","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1145\/2659897","volume":"57","author":"B Laurie","year":"2014","unstructured":"Laurie, B.: Certificate transparency. Commun. ACM 57(10), 40\u201346 (2014)","journal-title":"Commun. ACM"},{"key":"9_CR21","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/s12567-018-0214-8","volume":"11","author":"F L\u00e1zaro","year":"2019","unstructured":"L\u00e1zaro, F., Raulefs, R., Wang, W., Clazzer, F., Plass, S.: VHF data exchange system (VDES): an enabling technology for maritime communications. CEAS Space 11, 55\u201363 (2019). https:\/\/doi.org\/10.1007\/s12567-018-0214-8","journal-title":"CEAS Space"},{"issue":"5","key":"9_CR22","doi-asserted-by":"publisher","first-page":"604","DOI":"10.1109\/TNET.2002.803864","volume":"10","author":"M Mitzenmacher","year":"2002","unstructured":"Mitzenmacher, M.: Compressed bloom filters. IEEE\/ACM Trans. Netw. 10(5), 604\u2013612 (2002)","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"9_CR23","unstructured":"Peiponen, H., Kukkonen, A.: Integrity monitoring and authentication for VDES pre-distributed public keys. IALA Committee Working Document. Input paper: ENAV18-11.10"},{"key":"9_CR24","doi-asserted-by":"crossref","unstructured":"Pettersen, Y.: The transport layer security (TLS) multiple certificate status request extension. RFC 6961, June 2013. https:\/\/www.ietf.org\/rfc\/rfc6961.txt","DOI":"10.17487\/rfc6961"},{"key":"9_CR25","unstructured":"Pettersen, Y.: X.509v3 Transport layer security (TLS) feature extension. RFC 7633, October 2015. https:\/\/tools.ietf.org\/html\/rfc7633"},{"key":"9_CR26","doi-asserted-by":"crossref","unstructured":"Santesson, S., Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 internet public key infrastructure online certificate status protocol - OCSP. RFC 6960, June 2013. https:\/\/tools.ietf.org\/html\/rfc6960","DOI":"10.17487\/rfc6960"},{"key":"9_CR27","doi-asserted-by":"crossref","unstructured":"Smith, T., Dickinson, L., Seamons, K.: Let\u2019s revoke: scalable global certificate revocation. In: Proceedings 2020 Network and Distributed System Security Symposium, Internet Society, San Diego, CA (2020)","DOI":"10.14722\/ndss.2020.24084"},{"key":"9_CR28","doi-asserted-by":"publisher","first-page":"26223","DOI":"10.1109\/ACCESS.2020.2970460","volume":"8","author":"Q Wang","year":"2020","unstructured":"Wang, Q., Gao, D., Chen, D.: Certificate revocation schemes in vehicular networks: a survey. IEEE Access 8, 26223\u201326234 (2020)","journal-title":"IEEE Access"},{"key":"9_CR29","doi-asserted-by":"crossref","unstructured":"Wang, Z., Lin, J., Cai, Q., Wang, Q., Zha, D., Jing, J.: Blockchain-based certificate transparency and revocation transparency. IEEE Trans. Dependable Secure Comput. 1 (2020)","DOI":"10.1109\/TDSC.2020.2983022"},{"key":"9_CR30","doi-asserted-by":"crossref","unstructured":"Wohlmacher, P.: Digital certificates: a survey of revocation methods. In: Proceedings of the 2000 ACM workshops on Multimedia, pp. 111\u2013114 (2000)","DOI":"10.1145\/357744.357892"}],"container-title":["Lecture Notes in Computer Science","Secure IT Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-70852-8_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,3,2]],"date-time":"2021-03-02T18:08:51Z","timestamp":1614708531000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-70852-8_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030708511","9783030708528"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-70852-8_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"3 March 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NordSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nordic Conference on Secure IT Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 November 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 November 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"nordsec2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/nordsec2020.on.liu.se\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"45","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"15","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}