A Decentralized Dynamic PKI based on Blockchain

Mohsen Toorani; Christian Gehrmann

doi:10.1145/3412841.3442038

A Decentralized Dynamic PKI based on Blockchain

Mohsen Toorani, Christian Gehrmann

Nätverk och säkerhet

Forskningsoutput: Kapitel i bok/rapport/Conference proceeding › Konferenspaper i proceeding › Peer review

201 Nedladdningar (Pure)

Sammanfattning

The central role of the certificate authority (CA) in traditional public key infrastructure (PKI) makes it fragile and prone to compromises and operational failures. Maintaining CAs and revocation lists is demanding especially in loosely-connected and large systems. Log-based PKIs have been proposed as a remedy but they do not solve the problem effectively. We provide a general model and a solution for decentralized and dynamic PKI based on a blockchain and web of trust model where the traditional CA and digital certificates are removed and instead, everything is registered on the blockchain. Registration, revocation, and update of public keys are based on a consensus mechanism between a certain number of entities that are already part of the system. Any node which is part of the system can be an auditor and initiate the revocation procedure once it finds out malicious activities. Revocation lists are no longer required as any node can efficiently verify the public keys through witnesses.

Originalspråk	engelska
Titel på värdpublikation	Proceedings of the 36th ACM/SIGAPP Symposium On Applied Computing (SAC'21)
Förlag	Association for Computing Machinery (ACM)
Antal sidor	10
ISBN (elektroniskt)	978-1-4503-8104-8
DOI	https://doi.org/10.1145/3412841.3442038
Status	Published - 2021
Evenemang	The 36th ACM/SIGAPP Symposium on Applied Computing, SAC '21 - Virtual Event, Sydkorea, Republiken Korea Varaktighet: 2021 mars 22 → 2021 mars 26

Konferens

Konferens	The 36th ACM/SIGAPP Symposium on Applied Computing, SAC '21
Land/Territorium	Sydkorea, Republiken Korea
Ort	Virtual Event
Period	2021/03/22 → 2021/03/26

Ämnesklassifikation (UKÄ)

Systemvetenskap, informationssystem och informatik

Tillgång till dokument

10.1145/3412841.3442038

ManuscriptInskickat manuskript, 723 KBLicens: CC BY-NC-ND

SMARTY: Säkra mjukvaruuppdateringar för den smarta staden
Hell, M., Magnusson, B., Gehrmann, C., Paladi, N., Karlsson, L., Sönnerup, J., Johnsson, B. A., Hedin, G., Nordahl, M., Pagnin, E., Kundu, R. & Åkesson, A.
Stiftelsen för Strategisk Forskning, SSF
2018/03/01 → 2023/02/28
Projekt: Forskning

Citera det här

@inproceedings{c7e941294fd341d8a770fbbf36a4b581,

title = "A Decentralized Dynamic PKI based on Blockchain",

abstract = "The central role of the certificate authority (CA) in traditional public key infrastructure (PKI) makes it fragile and prone to compromises and operational failures. Maintaining CAs and revocation lists is demanding especially in loosely-connected and large systems. Log-based PKIs have been proposed as a remedy but they do not solve the problem effectively. We provide a general model and a solution for decentralized and dynamic PKI based on a blockchain and web of trust model where the traditional CA and digital certificates are removed and instead, everything is registered on the blockchain. Registration, revocation, and update of public keys are based on a consensus mechanism between a certain number of entities that are already part of the system. Any node which is part of the system can be an auditor and initiate the revocation procedure once it finds out malicious activities. Revocation lists are no longer required as any node can efficiently verify the public keys through witnesses.",

author = "Mohsen Toorani and Christian Gehrmann",

year = "2021",

doi = "10.1145/3412841.3442038",

language = "English",

booktitle = "Proceedings of the 36th ACM/SIGAPP Symposium On Applied Computing (SAC'21)",

publisher = "Association for Computing Machinery (ACM)",

address = "United States",

note = "The 36th ACM/SIGAPP Symposium on Applied Computing, SAC '21 ; Conference date: 22-03-2021 Through 26-03-2021",

}

TY - GEN

T1 - A Decentralized Dynamic PKI based on Blockchain

AU - Toorani, Mohsen

AU - Gehrmann, Christian

PY - 2021

Y1 - 2021

N2 - The central role of the certificate authority (CA) in traditional public key infrastructure (PKI) makes it fragile and prone to compromises and operational failures. Maintaining CAs and revocation lists is demanding especially in loosely-connected and large systems. Log-based PKIs have been proposed as a remedy but they do not solve the problem effectively. We provide a general model and a solution for decentralized and dynamic PKI based on a blockchain and web of trust model where the traditional CA and digital certificates are removed and instead, everything is registered on the blockchain. Registration, revocation, and update of public keys are based on a consensus mechanism between a certain number of entities that are already part of the system. Any node which is part of the system can be an auditor and initiate the revocation procedure once it finds out malicious activities. Revocation lists are no longer required as any node can efficiently verify the public keys through witnesses.

AB - The central role of the certificate authority (CA) in traditional public key infrastructure (PKI) makes it fragile and prone to compromises and operational failures. Maintaining CAs and revocation lists is demanding especially in loosely-connected and large systems. Log-based PKIs have been proposed as a remedy but they do not solve the problem effectively. We provide a general model and a solution for decentralized and dynamic PKI based on a blockchain and web of trust model where the traditional CA and digital certificates are removed and instead, everything is registered on the blockchain. Registration, revocation, and update of public keys are based on a consensus mechanism between a certain number of entities that are already part of the system. Any node which is part of the system can be an auditor and initiate the revocation procedure once it finds out malicious activities. Revocation lists are no longer required as any node can efficiently verify the public keys through witnesses.

U2 - 10.1145/3412841.3442038

DO - 10.1145/3412841.3442038

M3 - Paper in conference proceeding

BT - Proceedings of the 36th ACM/SIGAPP Symposium On Applied Computing (SAC'21)

PB - Association for Computing Machinery (ACM)

T2 - The 36th ACM/SIGAPP Symposium on Applied Computing, SAC '21

Y2 - 22 March 2021 through 26 March 2021

ER -

A Decentralized Dynamic PKI based on Blockchain

Sammanfattning

Konferens

Ämnesklassifikation (UKÄ)

Tillgång till dokument

Fingeravtryck

Projekt

SMARTY: Säkra mjukvaruuppdateringar för den smarta staden

Citera det här