Scalability analysis of selected certificate validation scenarios

The use of public key based cryptographic algorithms enables new applications for encryption and digital signatures, and offers solution to a range of authentication and information integrity problems. One cause of concern regarding public key cryptography is the amount of computational and network resources required for key management. Although this has been a research focus for some time, little work has been done to formally analyze the scalability properties of the key management procedures. The purpose of this paper is to offer an analysis of certificate validation operations from a scalability perspective. Furthermore, the focus of the analysis is on client side data rates. This focus has been chosen since the capacity of the network closest to the clients is scarce and likely to be a bottleneck. This is particularly true when the clients are connected through a wireless tactical network.

[1]  William Yurcik,et al.  A survey of PKI components and scalability issues , 2006, 2006 IEEE International Performance Computing and Communications Conference.

[2]  David A. Cooper A more efficient use of delta-CRLs , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[3]  David A. Cooper,et al.  A model of certificate revocation , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[4]  Anders Fongen,et al.  Identity Management without Revocation , 2010, 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies.

[5]  Albert-László Barabási,et al.  Linked - how everything is connected to everything else and what it means for business, science, and everyday life , 2003 .

[6]  Adam J. Slagell,et al.  PKI Scalability Issues , 2004, ArXiv.

[7]  Ronald L. Rivest,et al.  Can We Eliminate Certificate Revocations Lists? , 1998, Financial Cryptography.