New Certificate Chain Discovery Methods for Trust Establishment in Ad Hoc Networks and Their Evaluation

Abstract

In an ad hoc network, we cannot assume a trusted certificate authority and a centralized repository that are used in ordinary Public-Key Infrastructure (PKI). Hence a PKI system of the web-of-trust type in which each node can issue certificates to others in a self-organizing manner has been studied. Although this system is useful for ad hoc networks, it has the problem that for authentication a node needs to find a certificate-chain to the destination node. In this paper, we formally model a web-of-trust-type PKI system, define the certificate-chain discovery problem, and propose a new distributed algorithm and its modification that solve the problem. Furthermore, we propose a measure of communication cost, and according to the measure, we compare our algorithm with an existing method by numerical computation for large-size networks and by simulation on randomly generated unit disk graphs for moderate-size networks. The simulation results show that the communication cost of the proposed method is less than 10% of the existing method.