Towards efficient certificate status validations with E-ADOPT in mobile ad hoc networks

Abstract

Each public key infrastructure needs an efficient certificate status validation method to exclude the revoked certificates from network. In this paper, we present a novel certificate validation scheme called E-ADOPT or Enhanced-ADOPT which utilizes a new kind of certificate status information. In this solution, we modify the OCSP response messages to carry information about the accusations issued against the certificate and this additional security information helps the client nodes to tune the OCSP results refresh rate more intelligently. As a result, client node can mitigate the certificate status information inconsistency problem with lower overheads and conduct more effective certificate status validations in MANET. Simulation results demonstrate that by appending accusation-related information to the OCSP responses, our solution achieves better results.