Design an active verification mechanism for certificates revocation in OCSP for internet authentication

Abstract

No doubt that data security online is crucial. Therefore, great attention has been paid to that aspect by companies and organizations given its economic and social implications. Thus, online certificate status protocol (OCSP) is considered one of the most prominent protocol functioning in this field, which offers a prompt support for certificates online. In this research, a model designed based on field programable gate array (FPGA) using Merkel's tree has been proposed to overcome the delay that might have occurred in sorting and authentication of certificates. Having adopted this model and with the assistance of Hash function algorithm, more than 50% of certificates have been processed in comparison with standard protocol. Moreover, certificates have been provided with substantial storage space with high throughput. Basically, Hash function algorithm has been designed to arrange and specify a site of verified or denied certificates within time of validity to protect servers from intrusion and clients from using applications with harmful contents.