One-Stop Efficient PKI Authentication Service Model Based on Blockchain

  • Tao FengEmail author
  • Wuyang ChenEmail author
  • Di Zhang
  • Chunyan Liu
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1176)


Public Key Infrastructure (PKI) technology is a widely used identity authentication technology. This paper uses blockchain technology to improve it and implements decentralized PKI authentication, which resolves the issues in the traditional PKI such as single point of failure and certificate transparency. However, most of the current research uses the method of traversing the blockchain to query the certificate (identity, public key) to realize identity authentication, which is inefficient. And as the size of blockchain continues to grow, storage overhead is growing. In this paper, we combine the blockchain and the dynamic accumulator to construct a blockchain PKI model that can batch update certificates, which improves the efficiency of identity authentication. The model can effectively add, revoke and update user certificates. Meanwhile, this paper builds a one-stop PKI authentication service model based on blockchain, Through the certificate blockchain, we can provide one-stop user authentication service to third-party service providers. Finally, we verify the security and effectiveness of the scheme.


Blockchain Dynamic accumulator PKI One-stop identity authentication 



This work is supported by the National Science Foundation of China (No. 61462060, No. 61762060).


  1. 1.
    Lin, J.Q., Jing, J.W., Zhang, Q.L.: Recent advances in PKI technologies. J. Cryptol. Res. 27(1), 487–496 (2015)Google Scholar
  2. 2.
    Yuan, Y., Wang, F.Y.: Blockchain: the state of the art and future trends. Acta Automatica Sinica 42, 481–494 (2016)Google Scholar
  3. 3.
    Fromknecht, C., Velicanu, D., Yakoubov, S.: CertCoin: a NameCoin based decentralized authentication system 6.857 class project. Unpublished class project (2014)Google Scholar
  4. 4.
    Fromknecht, C., Velicanu, D., Yakoubov, S.: A decentralized public key infrastructure with identity retention. IACR Cryptol. ePrint Arch. 2014, 803 (2014)Google Scholar
  5. 5.
    Leiding, B., Cap, C.H., Mundt, T., Rashidibajgan, S.: Authcoin: validation and authentication in decentralized networks. arXiv preprint arXiv:1609.04955 (2016)
  6. 6.
    Muftic, S.: Bix certificates: cryptographic tokens for anonymous transactions based on certificates public ledger. Ledger 1, 19–37 (2016)CrossRefGoogle Scholar
  7. 7.
    Longo, R., Pintore, F., Rinaldo, G., Sala, M.: On the security of the blockchain BIX protocol and certificates. In: 2017 9th International Conference on Cyber Conflict (CyCon), pp. 1–16. IEEE (2017)Google Scholar
  8. 8.
    Matsumoto, S., Reischuk, R., M.: IKP: turning a PKI around with decentralized automated incentives. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 410–426. IEEE (2017)Google Scholar
  9. 9.
    Wan, Z., Guan, Z., Zhuo, F., Xian, H.: BKI: towards accountable and decentralized public-key infrastructure with blockchain. In: Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A. (eds.) SecureComm 2017. LNICST, vol. 238, pp. 644–658. Springer, Cham (2018). Scholar
  10. 10.
    Syta, E., Tamas, I., Visher, D.: Keeping authorities “honest or bust” with decentralized witness cosigning. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 526–545. IEEE (2016)Google Scholar
  11. 11.
    Dykcik, L., Chuat, L., Szalachowski, P., Perrig, A.: BlockPKI: an automated, resilient, and transparent public-key infrastructure. In: 2018 IEEE International Conference on Data Mining Workshops (ICDMW), pp. 105–114. IEEE (2018)Google Scholar
  12. 12.
    Qin, B., Huang, J., Wang, Q., Luo, X., Liang, B., Shi, W.: Cecoin: a decentralized PKI mitigating MitM attacks. Future Gener. Comput. Syst. (2017)Google Scholar
  13. 13.
    Benaloh, J., de Mare, M.: One-way accumulators: a decentralized alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994). Scholar
  14. 14.
    Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002). Scholar
  15. 15.
    Wang, P., Wang, H., Pieprzyk, J.: A new dynamic accumulator for batch updates. In: Qing, S., Imai, H., Wang, G. (eds.) ICICS 2007. LNCS, vol. 4861, pp. 98–112. Springer, Heidelberg (2007). Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. 1.Lanzhou University of TechnologyLanzhouChina

Personalised recommendations