A proposal of TLS implementation for cross certification model

Tadashi Kaji, Takahiro Ffujishiro, Satoru Tezuka

Research output: Contribution to journalArticle

Abstract

Today, TLS is widely used for achieving a secure communication system. And TLS is used PKI for server authentication and/or client authentication. However, its PKI environment, which is called as "multiple trust anchors environment," causes the problem that the verifier has to maintain huge number of CA certificates in the ubiquitous network because the increase of terminals connected to the network brings the increase of CAs. However, most of terminals in the ubiquitous network will not have enough memory to hold such huge number of CA certificates. Therefore, another PKI environment, "cross certification environment", is useful for the ubiquitous network. But, because current TLS is designed for the multiple trust anchors model, TLS cannot work efficiently on the crosscertification model. This paper proposes a TLS implementation method to support the cross certification model efficiently. Our proposal reduces the size of exchanged messages between the TLS client and the TLS server during the handshake process. Therefore, our proposal is suitable for implementing TLS in the terminals that do not have enough computing power and memory in ubiquitous network.

Original languageEnglish
Pages (from-to)1311-1318
Number of pages8
JournalIEICE Transactions on Information and Systems
VolumeE91-D
Issue number5
DOIs
Publication statusPublished - 2008 May
Externally publishedYes

Keywords

  • Cross certification
  • PKI
  • Path discovery and validation
  • TLS

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Vision and Pattern Recognition
  • Electrical and Electronic Engineering
  • Artificial Intelligence

Fingerprint Dive into the research topics of 'A proposal of TLS implementation for cross certification model'. Together they form a unique fingerprint.

  • Cite this