On the Performance of Certificate Revocation Protocols Based on a Java Card Certificate Client Implementation

The use of certificates for secure transactions in smart cards requires the existence of a secure and efficient revocation protocol residing on the card. There are a number of existing protocols for online certificate validation, among which OCSP and SCVP are the most widely used. However there are not any real applications testing the efficiency of these protocols when run in a smart card, even though the advantages of such an implementation are significant. In this paper we examine the details of the implementation of these protocols, emphasising on the issues arisen from the limitations of the smart cards. We also discuss the performance results from the implementation of OCSP in a multi-application smart card environment. Results from two different Java Card platforms are presented and analyzed.