Title :
A performance study of over-issuing delta-CRLs with distribution points
Author :
Rojanapasakorn, Aradee ; Sathitwiriyawong, Chanboon
Author_Institution :
Fac. of Inf. Technol., King Mongkut´´s Inst. of Technol., Bangkok, Thailand
Abstract :
Digital certificates have been used to prove the identities of entities. Due to different constraints, they are only valid within a specific time. Confronting many threats is an important reason why their validities must be terminated sooner than assigned. Therefore, a certificate revocation is essential. We present a new method of issuing certificate revocation lists (CRLs) by overissuing delta-CRL with distribution points. The combination of over-issuing segmented CRLs and delta-CRLs is used to distribute CRL segments over several directories. The results from the comparative analyzes show that the proposed certificate revocation method can significantly improve the system performance such as spreading out the request rate, and reducing the size of certification revocation information and the average network usage. It also highlights inefficiencies of the traditional method of distributing certificate status information using CRLs.
Keywords :
certification; distributed processing; public key cryptography; certificate revocation lists; certificate status information; delta-CRL; digital certificate; distribution points; performance study; system performance; Certification; Content addressable storage; Delay; Information analysis; Information security; Information technology; Performance analysis; Public key; Public key cryptography; System performance;
Conference_Titel :
Advanced Information Networking and Applications, 2004. AINA 2004. 18th International Conference on
Print_ISBN :
0-7695-2051-0
DOI :
10.1109/AINA.2004.1283781
