Certificate Path Verification in Hierarchical and Peer-to-Peer Public Key Infrastructures

Authors

  • Balachandra, Manipal Institute of Technology, Manipal, India
  • Prema K.V., Manipal Institute of Technology, Manipal, India

Keywords
PKI, Hierarchical PKI, peer-to-peer PKI, certification authority, certification verification, OpenSSL

Abstract

Authentication of users in an automated business transaction is commonly realized by means of a Public Key Infrastructure (PKI). A PKI is a framework on which the security services are built. Each user or end entity is given a digitally signed data structure called a digital certificate. In Hierarchical PKI, the certificate path is unidirectional, so certificate path development and validation is simple and straightforward. Peer-to-Peer (also called Mesh PKI) architecture is one of the most popular PKI trust models and is widely used in automated business transactions, but certificate path verification is very complex since there are multiple paths between users and the certification path is bidirectional. In this paper, we demonstrate the advantage of certificate path verification in Hierarchical PKI based on the forward path construction method over the reverse path construction method with respect to the time requirement. We also propose a novel method to convert a peer-to-peer PKI to a Depth First Search (DFS) spanning tree to simplify the certificate path verification by avoiding multiple paths between users, since the DFS spanning tree equivalent of a peer-to-peer PKI contains only one path between any two Certification Authorities.
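The spanning-tree idea in the abstract can be illustrated as follows. This is an added example, not the paper's algorithm or code: the five-CA mesh, the CA names and the choice of CA1 as DFS root are constructed assumptions, and each undirected edge stands for a mutual cross-certification.

```python
# Constructed mesh PKI: each undirected edge is a mutual cross-certification
# between two CAs (CA names are hypothetical, not from the paper).
MESH = {
    "CA1": ["CA2", "CA3", "CA4"],
    "CA2": ["CA1", "CA3", "CA5"],
    "CA3": ["CA1", "CA2", "CA4", "CA5"],
    "CA4": ["CA1", "CA3"],
    "CA5": ["CA2", "CA3"],
}

def dfs_spanning_tree(graph, root):
    """Return the DFS spanning tree of `graph` as an adjacency dict."""
    tree = {ca: [] for ca in graph}
    visited = {root}

    def visit(ca):
        for peer in graph[ca]:            # neighbours in listed order
            if peer not in visited:
                visited.add(peer)
                tree[ca].append(peer)     # keep this cross-certificate pair
                tree[peer].append(ca)
                visit(peer)

    visit(root)
    if len(visited) != len(graph):
        raise ValueError("mesh is not connected; some CAs are unreachable")
    return tree

def simple_paths(graph, src, dst, seen=()):
    """Enumerate every loop-free certification path from src to dst."""
    if src == dst:
        return [[dst]]
    paths = []
    for peer in graph[src]:
        if peer not in seen:
            for rest in simple_paths(graph, peer, dst, seen + (src,)):
                paths.append([src] + rest)
    return paths

if __name__ == "__main__":
    tree = dfs_spanning_tree(MESH, "CA1")
    print("candidate paths in mesh:", len(simple_paths(MESH, "CA4", "CA5")))
    print("path in DFS tree:", simple_paths(tree, "CA4", "CA5"))
```

The tree leaves exactly one candidate path per CA pair, but that path is not necessarily the shortest one in the mesh: CA1 and CA4 are directly cross-certified in this sample, yet the tree path between them is CA1, CA2, CA3, CA4.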


How to Cite

Balachandra, Prema K.V. Certificate Path Verification in Hierarchical and Peer-to-Peer Public Key Infrastructures. J. Technol. Manag. Grow. Econ. 2023, 01, 77-92

This work is licensed under a Creative Commons Attribution 4.0 International License.
