There are 2 scenarios for key revocation in Hyker
First case (public keys used for identification of users/devices):
Public key revocation in Hyker works very similar to OCSP. The key aspect is that we force an in-line revocation check for each lookup of a public key. This makes public key revocation instantaneous.
Second case (symmetric keys used for key revocation):
In most systems, symmetric keys are often not subject to revocation as they are mostly used for sessions. However, for long-term sessions, they are sometimes subject to renewal or ratcheting.
Hyker enables renewal of symmetric keys. A symmetric key is used for a set granularity level and can be updated at any time. This means that it is easy to exclude previously authorized recipients from receiving further data. Since a symmetric key is used for one-way communication in Hyker, there is no need for ratcheting.