CA Server Cluster Computing Architecture and Algorithms

S. Tang (PRC)


Certificate Authority, Cluster Computing, Confidentiality, Robustness, High Throughputs


CA server cluster computing architecture and algorithms are designed in this paper. The goals of the CA server cluster are robustness, high throughput or high-speed calculation of digital signature, and confidentiality of CA's private key. The cluster consists of two interface machines, K computation machines, and one sub-key distribution machine. The CA's digital signature private key is divided into K pieces of sub-key by the distribution machine, and the sub-keys are distributed to the computation machines. The computation task of digital signature is accomplished collaboratively by the computation machines. The CA's private key is never reconstructed by the computation machines at a single location, thus, the confidentiality of CA's private key is achieved. As soon as the number of computation machine that can perform normally is greater than or equal to t, then the cluster can continuously provide certificate issuing service. Thus, the system is robust. The computation machines can work in serial or parallel model according to the workload of the cluster, then the cluster can perform high-throughput or high-speed calculation.

Important Links:

Go Back