COCA: A secure distributed online certification authority. Zhou, L., Schneider, F. B., & Renesse, R. V. ACM Trans. Comput. Syst., 20(4):329\textendash368, ACM, New York, NY, USA, 2002.
COCA: A secure distributed online certification authority [link]Paper  doi  abstract   bibtex   
COCA is a fault-tolerant and secure online certification authority that has been built and deployed both in a local area network and in the Internet. Extremely weak assumptions characterize environments in which COCA\textquoterights protocols execute correctly: no assumption is made about execution speed and message delivery delays; channels are expected to exhibit only intermittent reliability; and with 3t + 1 COCA servers up to t may be faulty or compromised. COCA is the first system to integrate a Byzantine quorum system (used to achieve availability) with proactive recovery (used to defend against mobile adversaries which attack, compromise, and control one replica for a limited period of time before moving on to another). In addition to tackling problems associated with combining fault-tolerance and security, new proactive recovery protocols had to be developed. Experimental results give a quantitative evaluation for the cost and effectiveness of the protocols.
@article {571638,
	title = {COCA: A secure distributed online certification authority},
	journal = {ACM Trans. Comput. Syst.},
	volume = {20},
	number = {4},
	year = {2002},
	pages = {329{\textendash}368},
	publisher = {ACM},
	address = {New York, NY, USA},
	abstract = {COCA is a fault-tolerant and secure online certification authority that has been built and deployed both in a local area network and in the Internet. Extremely weak assumptions characterize environments in which COCA{\textquoteright}s protocols execute correctly: no assumption is made about execution speed and message delivery delays; channels are expected to exhibit only intermittent reliability; and with 3t + 1 COCA servers up to t may be faulty or compromised. COCA is the first system to integrate a Byzantine quorum system (used to achieve availability) with proactive recovery (used to defend against mobile adversaries which attack, compromise, and control one replica for a limited period of time before moving on to another). In addition to tackling problems associated with combining fault-tolerance and security, new proactive recovery protocols had to be developed. Experimental results give a quantitative evaluation for the cost and effectiveness of the protocols.},
	keywords = {byzantine fault tolerance, certification authority, denial-of-service, proactive secret-sharing, public key cryptography, threshold cryptography},
	issn = {0734-2071},
	doi = {10.1145/571637.571638},
	url = {http://portal.acm.org/citation.cfm?id=571638$\#$},
	author = {Zhou, Lidong and Schneider, Fred B. and Robbert Van Renesse}
}

Downloads: 0