A Study on Efficiency and Security of Online Certificate Verification Systems in Public Key Infrastructures


A Public Key Infrastructure (PKI) is the basis of a security infrastructure whose services are implemented and provided using public key techniques. Most protocols for secure e-mail and authentication systems make use of a PKI. In a PKI, a certificate is used to bind an entity's identity information to the corresponding public key. However, a certificate is revoked if that binding is broken before its expiration date. Thus, when a user wants to use a certificate, she does not simply check the expiration date on the certificate, but also checks whether the certificate has been revoked.

The most well-known offline method is to periodically publish a Certificate Revocation List (CRL), but the main disadvantage of CRL systems is the high communication cost between the user and the repository. To overcome the shortcomings of the CRL, several online verification approaches have been suggested. However, these have the following drawbacks with respect to security and efficiency. In a mobile PKI, computation and communication costs are important issues, since mobile terminals are restricted in their resources. Moreover, online certificate verification systems are vulnerable to Denial-of-Service attacks and replay attacks, so countermeasures against these attacks are also important.

This paper focuses on online certificate verification systems, such as the Online Certificate Status Protocol (OCSP) and Security-Mediated PKI. First, we examine the traditional distributed OCSP with multiple certificates. This thesis proposes a distributed OCSP with a single certificate using a key-insulated signature scheme, which reduces the communication cost between the user and the responder. Second, we propose efficient pre-production methods, in which the responder pre-produces a response message for each group of certificates sharing the same status. Our proposed methods reduce the computation cost of the responder. Finally, we investigate the security of Security-Mediated PKI. We then propose a Security-Mediated PKI with enhanced security that uses One-time IDs. Our proposed method resists Denial-of-Service attacks and replay attacks.