Abstract
Public Key Infrastructure (PKI) technology is a widely used identity authentication technology. This paper uses blockchain technology to improve it and implements decentralized PKI authentication, which resolves the issues in the traditional PKI such as single point of failure and certificate transparency. However, most of the current research uses the method of traversing the blockchain to query the certificate (identity, public key) to realize identity authentication, which is inefficient. And as the size of blockchain continues to grow, storage overhead is growing. In this paper, we combine the blockchain and the dynamic accumulator to construct a blockchain PKI model that can batch update certificates, which improves the efficiency of identity authentication. The model can effectively add, revoke and update user certificates. Meanwhile, this paper builds a one-stop PKI authentication service model based on blockchain, Through the certificate blockchain, we can provide one-stop user authentication service to third-party service providers. Finally, we verify the security and effectiveness of the scheme.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Lin, J.Q., Jing, J.W., Zhang, Q.L.: Recent advances in PKI technologies. J. Cryptol. Res. 27(1), 487–496 (2015)
Yuan, Y., Wang, F.Y.: Blockchain: the state of the art and future trends. Acta Automatica Sinica 42, 481–494 (2016)
Fromknecht, C., Velicanu, D., Yakoubov, S.: CertCoin: a NameCoin based decentralized authentication system 6.857 class project. Unpublished class project (2014)
Fromknecht, C., Velicanu, D., Yakoubov, S.: A decentralized public key infrastructure with identity retention. IACR Cryptol. ePrint Arch. 2014, 803 (2014)
Leiding, B., Cap, C.H., Mundt, T., Rashidibajgan, S.: Authcoin: validation and authentication in decentralized networks. arXiv preprint arXiv:1609.04955 (2016)
Muftic, S.: Bix certificates: cryptographic tokens for anonymous transactions based on certificates public ledger. Ledger 1, 19–37 (2016)
Longo, R., Pintore, F., Rinaldo, G., Sala, M.: On the security of the blockchain BIX protocol and certificates. In: 2017 9th International Conference on Cyber Conflict (CyCon), pp. 1–16. IEEE (2017)
Matsumoto, S., Reischuk, R., M.: IKP: turning a PKI around with decentralized automated incentives. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 410–426. IEEE (2017)
Wan, Z., Guan, Z., Zhuo, F., Xian, H.: BKI: towards accountable and decentralized public-key infrastructure with blockchain. In: Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A. (eds.) SecureComm 2017. LNICST, vol. 238, pp. 644–658. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78813-5_33
Syta, E., Tamas, I., Visher, D.: Keeping authorities “honest or bust” with decentralized witness cosigning. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 526–545. IEEE (2016)
Dykcik, L., Chuat, L., Szalachowski, P., Perrig, A.: BlockPKI: an automated, resilient, and transparent public-key infrastructure. In: 2018 IEEE International Conference on Data Mining Workshops (ICDMW), pp. 105–114. IEEE (2018)
Qin, B., Huang, J., Wang, Q., Luo, X., Liang, B., Shi, W.: Cecoin: a decentralized PKI mitigating MitM attacks. Future Gener. Comput. Syst. (2017)
Benaloh, J., de Mare, M.: One-way accumulators: a decentralized alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_24
Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_5
Wang, P., Wang, H., Pieprzyk, J.: A new dynamic accumulator for batch updates. In: Qing, S., Imai, H., Wang, G. (eds.) ICICS 2007. LNCS, vol. 4861, pp. 98–112. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77048-0_8
Acknowledgment
This work is supported by the National Science Foundation of China (No. 61462060, No. 61762060).
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Feng, T., Chen, W., Zhang, D., Liu, C. (2020). One-Stop Efficient PKI Authentication Service Model Based on Blockchain. In: Si, X., et al. Blockchain Technology and Application. CBCC 2019. Communications in Computer and Information Science, vol 1176. Springer, Singapore. https://doi.org/10.1007/978-981-15-3278-8_3
Download citation
DOI: https://doi.org/10.1007/978-981-15-3278-8_3
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-3277-1
Online ISBN: 978-981-15-3278-8
eBook Packages: Computer ScienceComputer Science (R0)