Generic Lightweight Certificate Management Protocol (GLCMP)

Abstract

This paper describes a Generic Light Weight Certificate Management Protocol (GLCMP) for handling certificates on mobile devices. Theoretically, various security solutions are designed to protect the valuable information of mobile users. But, its power, memory and processing constraints, high response time and authentication latencies are the main challenges for the researcher to develop and integrate standard security mechanisms in it. It is observed that, most of mobile users are not technical enough to configure security parameters and even already developed libraries do not support extended security features like transparent handling of certificates, verification of identities, and distribution of certificates. In this paper, an innovative and comparatively efficient protocol is designed and implemented. It does not only overcome the shortcoming of the certificate handling in mobile devices but also provides some extended certificate related features like registration, authentication and trust delegation. The designed GLCMP is lightweight because all complex and computation-intensive operations, involved in creation of certificate request in PKCS#10 standard format, are offloaded to a proxy server. It also provides domain based secure registration and verification of the identities without exchanging any confidential information to the proxy servers and even no user's credential is exchanged on network for authentication. After analyzing its performance, we noticed that authentication latency of GLCMP is 0.394 sec which is less than previously proposed protocols like NSI (4.7), PKI (5.01), and PKASSO (5.19 delegation time + 0.082 authentication times). We also formally verified our designed by using Z-Notation Modeling techniques and found that it is protected against man-in-the-middle, replay and impersonation and non-repudiation attacks.