One-Stop Efficient PKI Authentication Service Model Based on Blockchain
- 15 Downloads
Public Key Infrastructure (PKI) technology is a widely used identity authentication technology. This paper uses blockchain technology to improve it and implements decentralized PKI authentication, which resolves the issues in the traditional PKI such as single point of failure and certificate transparency. However, most of the current research uses the method of traversing the blockchain to query the certificate (identity, public key) to realize identity authentication, which is inefficient. And as the size of blockchain continues to grow, storage overhead is growing. In this paper, we combine the blockchain and the dynamic accumulator to construct a blockchain PKI model that can batch update certificates, which improves the efficiency of identity authentication. The model can effectively add, revoke and update user certificates. Meanwhile, this paper builds a one-stop PKI authentication service model based on blockchain, Through the certificate blockchain, we can provide one-stop user authentication service to third-party service providers. Finally, we verify the security and effectiveness of the scheme.
KeywordsBlockchain Dynamic accumulator PKI One-stop identity authentication
This work is supported by the National Science Foundation of China (No. 61462060, No. 61762060).
- 1.Lin, J.Q., Jing, J.W., Zhang, Q.L.: Recent advances in PKI technologies. J. Cryptol. Res. 27(1), 487–496 (2015)Google Scholar
- 2.Yuan, Y., Wang, F.Y.: Blockchain: the state of the art and future trends. Acta Automatica Sinica 42, 481–494 (2016)Google Scholar
- 3.Fromknecht, C., Velicanu, D., Yakoubov, S.: CertCoin: a NameCoin based decentralized authentication system 6.857 class project. Unpublished class project (2014)Google Scholar
- 4.Fromknecht, C., Velicanu, D., Yakoubov, S.: A decentralized public key infrastructure with identity retention. IACR Cryptol. ePrint Arch. 2014, 803 (2014)Google Scholar
- 5.Leiding, B., Cap, C.H., Mundt, T., Rashidibajgan, S.: Authcoin: validation and authentication in decentralized networks. arXiv preprint arXiv:1609.04955 (2016)
- 7.Longo, R., Pintore, F., Rinaldo, G., Sala, M.: On the security of the blockchain BIX protocol and certificates. In: 2017 9th International Conference on Cyber Conflict (CyCon), pp. 1–16. IEEE (2017)Google Scholar
- 8.Matsumoto, S., Reischuk, R., M.: IKP: turning a PKI around with decentralized automated incentives. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 410–426. IEEE (2017)Google Scholar
- 9.Wan, Z., Guan, Z., Zhuo, F., Xian, H.: BKI: towards accountable and decentralized public-key infrastructure with blockchain. In: Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A. (eds.) SecureComm 2017. LNICST, vol. 238, pp. 644–658. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78813-5_33CrossRefGoogle Scholar
- 10.Syta, E., Tamas, I., Visher, D.: Keeping authorities “honest or bust” with decentralized witness cosigning. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 526–545. IEEE (2016)Google Scholar
- 11.Dykcik, L., Chuat, L., Szalachowski, P., Perrig, A.: BlockPKI: an automated, resilient, and transparent public-key infrastructure. In: 2018 IEEE International Conference on Data Mining Workshops (ICDMW), pp. 105–114. IEEE (2018)Google Scholar
- 12.Qin, B., Huang, J., Wang, Q., Luo, X., Liang, B., Shi, W.: Cecoin: a decentralized PKI mitigating MitM attacks. Future Gener. Comput. Syst. (2017)Google Scholar