Skip to Main Content
We investigate how to disperse the certificates, issued in an ad-hoc network, among the network nodes such that the following condition holds. If any node u approaches any other node v in the network, then u can use the certificates stored either in u or in v to obtain the public key of v (so that u can securely send messages to v). We define the cost of certificate dispersal as the average number of certificates stored in one node in the network. We give upper and lower bounds on the dispersability cost of certificates, and show that both bounds are tight. We also present two certificate dispersal algorithms, and show that one of those algorithms is more efficient than the other in several important cases. Finally, we identify a rich class of "certificate graphs" for which the dispersability cost is within a constant factor from the lower bound.