A quantitative study of Public Key Infrastructures

Public Key Infrastructures have not reached the widespread diffusion expected of them, although they are well understood from a security point of view, because, like many say, the killer application has not been found yet. The lack of a clear understanding of the performance of these systems also contributes significantly to their limited diffusion. Studies have appeared of specific aspects of the operations of PKIs, but no complete studies of the overall system are known. In this paper we present an evaluation study of X.509-compliant Public Key Infrastructures using queuing network models. We focus our analysis on the performance of the subsystem in charge of generating and managing digital certificates, under a variety of load conditions, both in terms of the type of requests and their number. We also investigate the impact on the performance of the system of some implementation choices such as revocation mechanisms and auditing activities. The main result of our analysis is that the system we consider, given the current state of technology, can guarantee acceptable response time in steady state even in the presence of PKI with a consistent number of users. However, in order to guarantee such a performance level, throughput must not exceed 3.5 requests per second, where a request can be a certificate generation or revocation request. Such a limitation hinders the deployment of PKIs with large numbers of users, since recovering after a system compromise may require an unacceptable amount of time.