Analytical Performance Evaluation of Nested Certificates

The classical certificate systems are computationally inefficient, since they use signature operations based on public key cryptosystems. The nested certificates (A. Levi, Design and performance evaluation of the nested certification scheme and its applications in public key infrastructures, Ph.D. Thesis, Department of Computer Engineering, Boğaziçi University, Istanbul, Turkey) are proposed to improve the performance of the certificate verification. A nested certificate is a certificate for another, say subject, certificate. The subject certificates can be classical or other nested certificates. A subject certificate can be verified without using the public key cryptosystem operations. In this way, the nested certificates improve the performances of the certificate and certificate path verification. In this paper, analytical formulations and graphical analyses of the computational performance improvement of the nested certificate usage are given for both single subject certificate verification and certificate path verification cases. Moreover, it is also shown that the usage of nested certificates always improves the computational performances of the verification of a single certificate and the verification of a certificate path.  1999 Elsevier Science B.V. All rights reserved.