Browse > Article

A New Certificate Path Processing Scheme employed the Trusted CA for improving an efficiency on the Computational Aspect  

최연희 (숭실대학교 컴퓨터통신 연구실)
전문석 (숭실대학교 정보과학대학)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.28, no.9C, 2003 , pp. 908-922 More about this Journal
Abstract
The Public Key Infrastructure (PKI) trends to delegate the certificate path processing to the Delegated Path Discovery (DPD) Server and Delegated Path Validation (DPV) server recently. The most critical factor for the selection of the delegated server is to allow the server to be equipped with a high reliability through a low cost, and simple implementation. In this paper, we propose a new certificate path processing scheme employed the trusted CA as the DPD/DPV server by adding the capability of the Validation Authority (VA) to the trusted CA. Since our proposed scheme uses the existing trusted CA as validation server, we can achieve a high trust through a simple implementation for the processing. Besides, we propose an additional scheme for reducing an overhead on the trusted CA. it is obtained by delegating digital signature verification to CAs on the path and by skipping the repeated path processing. As the result, our proposed validation scheme can be performed efficiently with high speed and low computational overhead.
Keywords
PKI; trusted CA; certification path validation processing; DPD; DPV;
Citations & Related Records
연도 인용수 순위
  • Reference
1 /
[ Albert Levi;M.Ufuk Caglayan ] / Anylytical performance evaluation fo nested certificates, Performance Evaluation
2 X.509 Internet Public Key Infrastructure Online Certificate Status Protocol, version 2 /
[ M.Myers;A.Malpani;D.Pinkas ] / IETF draft-ietf-pkix-ocspv2-text-01.txt
3 /
[ ETRI ZONE/R&D News ] / 세계 최초의' 통합형 인증서 검증시스템 (CVS.Cerificate Validation System) 개발
4 /
[ 심희원 ] / DNA를 이용한 상호 연동 및 인증서 거증 방안
5 Simple Certificate Validation Protocol(SCVP) /
[ Ambarish Malpani;Paul Hoffman;Russ Housley;Trevor Freeman ] / IETF draft-ietf-pkix-scvp-06.txt
6 Certificate Validation Protocol /
[ D.Pinkas ] / IETF draft-ietf-pkix-cvp-01.txt
7 Extended Validation Models in PKI : Alternatives and Implications /
[ M.Branchaud;J.Linn ] / 1st Annual PKI Research Workshop--Proceedings
8 Internex X.509 Public Key Infrastructure Cortificate and CRL Profile /
[ R.Housley;W.Polk;D.Solo ] / IETF REC 2459
9 An Efficient Dynamic and Trust Preserving Public Key Infrastructure /
[ Albert Levi;M.Ufuk Caglayam ] / Proceedings fo the 2000 IEEE Symposium on Security and Privacy (S&P2000)
10 /
[ 이만영;김지홍;류재철;소유진;염흥열;이임영 ] / 전자 상거래 보안 기술
11 /
[ R.Housley;T.Pork ] / Planning for PKI
12 Delegated Path Validation and Delegated Path Disscovery Protocol Requirements /
[ D.Pinkas;R.Housley ] / IETF 3379