Building a virtual hierarchy to simplify certification path discovery in mobile ad-hoc networks

The ease with which nodes may join or leave a Mobile Ad-hoc Network (MANET) implies changing trust relationships among them and problems to build certification paths. Peer-to-peer Public Key Infrastructures (PKIs) are quite dynamic and certification paths can be built although part of the infrastructure is temporarily unreachable. However, path discovery is difficult because trust relationships are bidirectional. On the contrary, in hierarchical PKIs, there is only one path between two entities and certification paths are easy to find. We propose a protocol that establishes a virtual hierarchy in a peer-to-peer PKI. This protocol is suitable for dynamic environments such as MANETs since it is executed in a short time. In addition, our protocol does not require to issue new certificates among PKI entities, facilitates the certification path discovery process and the maximum path length can be adapted to the characteristics of users with limited processing and storage capacity.