Quantifying the Effects of More Timely Certificate Revocation on Lightweight Mobile Devices

Quantifying the Effects of More Timely Certificate Revocation on Lightweight Mobile Devices

Public Key Infrastructure (PKI) is a key infrastructure for secure communications and transactions on the Internet. We revisit the problem of timely certificate revocation and develop a performance analysis framework with more realistic assumptions of when certificates are revoked, a query model dif...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Sufatrio, S., Yap, R. H. C.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Analytical models
Bandwidth
Digital signatures
Internet
Mobile communication
Mobile handsets
Steady-state
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Public Key Infrastructure (PKI) is a key infrastructure for secure communications and transactions on the Internet. We revisit the problem of timely certificate revocation and develop a performance analysis framework with more realistic assumptions of when certificates are revoked, a query model differentiating revoked and unrevoked certificates, and realistic cost factors. Our analysis is fine-grained and shows the impact of a revocation scheme on the computation, storage and bandwidth costs particularly on mobile devices as the verifiers. We apply our performance framework to analyze the following schemes: CRL, OCSP, CRS and CREV. Our analysis shows clearly the strengths and weaknesses of each scheme particularly for mobile lightweight verifiers under higher timeliness guarantees.
ISSN:2326-7712
DOI:10.1109/Metrisec.2011.17