LightLedger: A Novel Blockchain-Based Domain Certificate Authentication and Validation Scheme

Garba, Abba; Chen, Zhong; Guan, Zhi; Srivastava, Gautam

doi:10.1109/tnse.2021.3069128

Cited by 25 publications

(6 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To avoid single point of failure, multiple CAs issue certificates and record certificate transactions on the blockchain through smart contracts. In the work of Garba et al [18], a blockchain-based cross-domain authentication scheme was proposed. It has privacy-preserving features for lowperformance devices.…”

Section: Related Workmentioning

confidence: 99%

A New Identity Authentication and Key Agreement Protocol Based on Multi-Layer Blockchain in Edge Computing

Chen,

Yang,

Zeng

et al. 2024

IEEE Access

View full text Add to dashboard Cite

In today's interconnected world, identity authentication and key agreement are important links in the secure communication process of IoT terminal devices. In the edge computing environment, with the frequent cross-domain authentication and data sharing of IoT devices in different security domains, identity authentication faces a series of challenges and security issues. Most of the traditional identity authentication methods are based on public key infrastructure, which is prone to single point of failure and is not applicable to the distributed architecture of edge computing. In this article, we apply blockchain technology to the identity authentication and key agreement process of IoT terminal devices. In order to meet cross-domain requests from terminal devices in different security domains, a multi-layer blockchain authentication architecture is designed. The hash value of the digital certificate is stored on the blockchain and combined with dynamic accumulator technology to enhance the reliability and authentication efficiency of the digital certificate. Security analysis and experimental results demonstrate that our scheme can achieve efficient and secure authentication and key agreement.INDEX TERMS Edge computing, identity authentication, key agreement, multi-layer blockchain.

show abstract

Section: Related Workmentioning

confidence: 99%

A New Identity Authentication and Key Agreement Protocol Based on Multi-Layer Blockchain in Edge Computing

Chen,

Yang,

Zeng

et al. 2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Hence, the proposed TCBSOA outperformed all other prevailing methodologies. Proposed model 1987 (Rafique et al, 2021) 2589 (Sasikumar et al, 2022) (Liu et al, 2021) 3996 (Garba et al, 2021) 4872…”

Section: Performance Validationmentioning

confidence: 99%

“…Nonetheless, the system consumed more time for the testing process. (Garba et al, 2021) examined a framework called BC-centered domain name authentication system and certificate authentication. The system involved a set of trusted Certificate Authorities (CAs) who were related to an exact domain in the BC.…”

Section: Problem Statementmentioning

confidence: 99%

An Efficient Signed SSL/Tls-Based Data Security in the Cloud Using Ltt-Ddbm and TECC

TIWARI,

Jha

2023

Preprint

View full text Add to dashboard Cite

Cloud data security is a set of strategies to secure data from security threats. Nevertheless, the prevention of multiple cloud security attacks has been ignored by the previous works. To overcome this issue, this paper proposes an efficient Signed Secure Socket Layer/ Transport Layer Security (SSL/TLS) based Data Security in the cloud using Log Triangular Transfer function based Deep Drop Boltzmann Machines (LTT-DDBM) and Rivest, Shamir Adleman Session Key-based Twisted Edwards Curve Cryptography (RSASK-TECC) framework with Digital Signature Algorithm (DSA). The process is initiated by the web owner by sending a request to the SSL/TLS Certificate Authority Centre (CAC) to establish a website. The web owner will upload the php files to the web server if the CAC requirements are satisfied. Afterward, the data owner logs in to the browser. Thereafter, the signed SSL/TLS certificate is forwarded to the CAC for attack detection and verification by using LTT-DDBM. If the verification is successful, a public key is generated along with the signed SSL/TLS certificate. Nevertheless, a warning message will be generated if the verification fails. After successful verification, a session key is generated by the browser that is further utilized for encrypting the data. Then, the encrypted data along with the session keys undergo further encryption utilizing the public key via Advanced Encryption Standard Session key-based Twisted Edwards Curve Cryptography (AESS-TECC) for enhancing data security. The data user checks hash codes for data integrity before downloading. Data access is granted if the codes match; otherwise, it is declined. As per the experimental analysis, the proposed mechanism is superior to the prevailing approaches.

show abstract

“…Several alternative revocation status protocols have been developed [5], [6], [39], [45], as well as novel PKIs [3], [24], [47], [48], [52]; however, all of these protocols and PKIs require large changes to the infrastructure. Similarly, many other semi-centralized and decentralized PKIs, revocation protocols and logs have been proposed [7], [16], [17], [25], [28], [32], [44], [46], [50]. Matsumoto et al [36] propose a decentralized framework that incentivizes CAs to monitor for certificate misissuance through financial penalties.…”

Section: B Revocation Processmentioning

confidence: 99%

Postcertificates for Revocation Transparency

Korzhitskii¹,

Nemec²,

Carlsson³

2022

Preprint

View full text Add to dashboard Cite

The modern Internet is highly dependent on trust communicated via certificates. However, in some cases, certificates become untrusted, and it is necessary to revoke them. In practice, the problem of secure revocation is still open. Furthermore, the existing procedures do not leave a transparent and immutable revocation history. We propose and evaluate a new revocation transparency protocol that introduces postcertificates and utilizes the existing Certificate Transparency (CT) logs. The protocol is practical, has a low deployment cost, provides an immutable history of revocations, enables delegation, and helps to detect revocation-related misbehavior by certificate authorities (CAs). With this protocol, a holder of a postcertificate can bypass the issuing CA and autonomously initiate the revocation process via submission of the postcertificate to a CT log. The CAs are required to monitor CT logs and proceed with the revocation upon detection of a postcertificate. Revocation status delivery is performed independently and with an arbitrary status protocol. Postcertificates can increase the accountability of the CAs and empower the certificate owners by giving them additional control over the status of the certificates. We evaluate the protocol, measure log and monitor performance, and conclude that it is possible to provide revocation transparency using existing CT logs.

show abstract

LightLedger: A Novel Blockchain-Based Domain Certificate Authentication and Validation Scheme

Cited by 25 publications

References 28 publications

A New Identity Authentication and Key Agreement Protocol Based on Multi-Layer Blockchain in Edge Computing

A New Identity Authentication and Key Agreement Protocol Based on Multi-Layer Blockchain in Edge Computing

An Efficient Signed SSL/Tls-Based Data Security in the Cloud Using Ltt-Ddbm and TECC

Postcertificates for Revocation Transparency

Contact Info

Product

Resources

About