Using trusted responders in constrained aviation environments to reduce authentication overhead

This paper suggests a new authentication model using Online Certificate Status Protocol (OCSP) stapling with trusted responders to navigate a Public Key Infrastructure (PKI) trust tree in a constrained computing environment. This paper also suggests a model of how the trusted responders could be deployed and how to establish and maintain authentication between clients' applications and the trusted responder.Aircraft oftentimes work in limited RF bandwidth environments sharing a single frequency between many aircraft. Maximizing the efficiency of transmission time is paramount to servicing all aircraft communications needs. One of the large contributors to long transmission time in an IPS network is the login process, which requires the exchanging and verification of certificate chains. OCSP can be used to verify individual certificates, however it likely requires a request per certificate to the certificate authorities. Traditional OCSP responds with the validity information of a certificate, leaving the communicating counter parties, the constrained client and server, responsible for determining if the PKI tree between them is sufficiently strong to establish trust.The OCSP trusted responder model proposed by this paper would offload the PKI tree determination to trusted ground entities. The trusted ground entities would determine the level of trust, if any, for communication between the counter parties and forward only the necessary information for cryptographic exchange to the communicating counter parties. In an OCSP trusted responder model, a pre-configured list of trusted OCSP responders resides with the constrained client. During the authentication process the constrained client submits the list of OCSP trusted responders to the counter party server. The server is required to prove validity of its own PKI certificate using one of the OCSP trusted responders supplied by the client. The OCSP trusted responder would fetch any necessary intermediate certificates, walk the Public Key Infrastructure tree, and determine the level of trust, if any, between the counter parties and forward the information to the server. Thereby removing the need to exchange full certificate chains between constrained client and server. The server will then respond to the client with its own certificate, and the validation response from the OCSP trusted responder if any. The OCSP trusted responder model is adaptable and may be used in conjunction with, or in replace of, other verification methods of models.