Paper Info
Title
A Modeling of Certificate Revocation and Its Application to Synthesis of Revocation Traces
Abstract
One of the hardest tasks of a public key infrastructure (PKI) is to manage revocation. New communication paradigms push the revocation system to the limit and an accurate resource assessment is necessary before implementing a particular revocation distribution system. In this context, a precise modeling of certificate revocation is necessary. In this paper, we analyze empirical data from real certification authorities (CAs) to develop an accurate and rigorous model for certificate revocation. One of the key findings of our analysis is that the certificate revocation process is statistically self-similar. The proposed model is based on an autoregressive fractionally integrated moving average (ARFIMA) process. Then, using this model, we show how to build a synthetic revocation generator that can be used in simulations for resource assessment. Finally, we also show that our model produces synthetic revocation traces that are indistinguishable for practical purposes from those corresponding to actual revocations.
Year
DOI
Venue
2012
10.1109/TIFS.2012.2209875
IEEE Transactions on Information Forensics and Security
Keywords
Field
DocType
mathematical model,data models,public key cryptography,self similarity,public key
Public key infrastructure,Data modeling,Revocation list,Computer science,Computer security,Distribution system,Autoregressive fractionally integrated moving average,Revocation,Certification,Public-key cryptography
Journal
Volume
Issue
ISSN
7
6
1556-6013
Citations 
PageRank 
References 
3
0.38
13
Authors
8
Name
Order
Citations
PageRank
Carlos Gañán1708.86
Jorge Mata-Díaz210113.33
Jose L. Muñoz328725.68
Juan Hernández-Serrano411412.31
Oscar Esparza528426.58
Juanjo Alins67810.45
Mata-Diaz, J.761.38
Hernandez-Serrano, J.850.79