• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.12C
• /
• pp.1722-1728
• /
• 2004

To discover a certificate path is a very important topic in the PKI with a lot of candidate paths. The certificate path discovery processing is executed via many verifications and as the number of verification times increases, the validity of the discovered path becomes high. The selection of the path with high validity provides high-speed certificate validation by reducing the number of repetition times of path discovery and validation processing. Otherwise, there is a problem that the speed and computation overheads are increased. In this paper, we propose an efficient certificate path discovery algorithm can make high the certificate validity with low overhead.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.9C
• /
• pp.908-922
• /
• 2003

The Public Key Infrastructure (PKI) trends to delegate the certificate path processing to the Delegated Path Discovery (DPD) Server and Delegated Path Validation (DPV) server recently. The most critical factor for the selection of the delegated server is to allow the server to be equipped with a high reliability through a low cost, and simple implementation. In this paper, we propose a new certificate path processing scheme employed the trusted CA as the DPD/DPV server by adding the capability of the Validation Authority (VA) to the trusted CA. Since our proposed scheme uses the existing trusted CA as validation server, we can achieve a high trust through a simple implementation for the processing. Besides, we propose an additional scheme for reducing an overhead on the trusted CA. it is obtained by delegating digital signature verification to CAs on the path and by skipping the repeated path processing. As the result, our proposed validation scheme can be performed efficiently with high speed and low computational overhead.