Title | ||
---|---|---|
Speed Up Configurable Certificate Validation by Certificate Reduction and Partitioning |
Abstract | ||
---|---|---|
Before execution, users should formally validate the correctness of software received from untrusted providers. To accelerate this validation, in the proof carrying code (PCC) paradigm the provider delivers the software together with a certificate, a formal proof of the software's correctness. Thus, the user only checks if the attached certificate shows correctness of the delivered software. Recently, we introduced configurable program certification, a generic, PCC based framework supporting various software analyses and safety properties. Evaluation of our framework revealed that validation suffers from certificate reading. In this paper, we present two orthogonal approaches which improve certificate validation, both reducing the impact of certificate reading. The first approach reduces the certificate size, storing information only if it cannot easily be recomputed. The second approach partitions the certificate into independently checkable parts. The trick is to read parts of the certificate while already checking read parts. Our experiments show that validation highly benefits from our improvements. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1007/978-3-319-22969-0_12 | Lecture Notes in Computer Science |
Field | DocType | Volume |
Online Certificate Status Protocol,Programming language,Software engineering,Public key certificate,Computer science,Correctness,Theoretical computer science,Certification path validation algorithm,Proof-carrying code,Software,Chain of trust,Certificate | Conference | 9276 |
ISSN | Citations | PageRank |
0302-9743 | 5 | 0.41 |
References | Authors | |
12 | 1 |
Name | Order | Citations | PageRank |
---|---|---|---|
Marie-Christine Jakobs | 1 | 32 | 5.51 |