Title :
Quantifying the Effects of More Timely Certificate Revocation on Lightweight Mobile Devices
Author :
Sufatrio ; Yap, Roland H C
Author_Institution :
Temasek Labs., Nat. Univ. of Singapore, Singapore, Singapore
Abstract :
Public Key Infrastructure (PKI) is a key infrastructure for secure communications and transactions on the Internet. We revisit the problem of timely certificate revocation and develop a performance analysis framework with more realistic assumptions of when certificates are revoked, a query model differentiating revoked and unrevoked certificates, and realistic cost factors. Our analysis is fine-grained and shows the impact of a revocation scheme on the computation, storage and bandwidth costs particularly on mobile devices as the verifiers. We apply our performance framework to analyze the following schemes: CRL, OCSP, CRS and CREV. Our analysis shows clearly the strengths and weaknesses of each scheme particularly for mobile lightweight verifiers under higher timeliness guarantees.
Keywords :
Internet; mobile computing; public key cryptography; CREV; CRL; CRS; Internet; OCSP; cost factors; mobile devices; mobile lightweight verifiers; performance analysis framework; public key infrastructure; query model; timely certificate revocation; Analytical models; Bandwidth; Digital signatures; Internet; Mobile communication; Mobile handsets; Steady-state;
Conference_Titel :
Security Measurements and Metrics (Metrisec), 2011 Third International Workshop on
Conference_Location :
Banff, AB
Print_ISBN :
978-1-4673-1245-5
DOI :
10.1109/Metrisec.2011.17
