Optimization of a Public Key Infrastructure

The traffic patterns related to operation of a Public Key Infrastructure (PKI) can be modeled and optimized. Even though PKI has been around for three decades, relatively few results have been presented on this matter. The contribution of this paper is a PKI traffic model based on observation of familiar use cases together with hypotheses from scale free graph theory. Based on a set of estimated parameters, an optimized organization of a PKI is proposed. One key element has been to avoid costly revocation mechanisms. The proposed solution includes the use of short lived certificates which do not need a revocation mechanism, and the use of cached validation proofs to save protocol round trips. PKI also presents special challenges during operation in tactical wireless networks. Reduced bandwidth and connectivity requirements are commonly considered as essential properties for a successful tactical application. The paper also proposes an organization of a PKI for a mixed tactical/strategic network.