The Notary Based PKI

Vigil, Martín; Moecke, Cristian Thiago; Custódio, Ricardo Felipe; Volkamer, Melanie

doi:10.1007/978-3-642-40012-4_6

Cited by 9 publications

(8 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…1.1.1 PKI without blockchain [11][12][13][14][15][16] This section discusses about existing PKIs frameworks which have not used blockchain. Proposed accountable key infrastructure (AKI) 12 is used to defend domains and clients from flaws induced by single points of failure.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Smart contract assisted blockchain based public key infrastructure system

Panigrahi

Nayak

Paul

2022

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Public key infrastructure (PKI) is a reliable solution for Internet communication. PKI finds applications in secure email, virtual private network (VPN), e‐commerce, e‐governance, and so on. It provides a secure mechanism to authenticate users and communications. The conventional PKI system is centralized, which exposes the infrastructure to many security issues. The digital certificate generation and validation processes in PKI suffer from high latency and inadequate authentication processes. Moreover, it needs enormous time and effort to mitigate the malfeasance of the certificate authority (CA). The complexity of employing the traditional key and certificate management increases by enforcing the centralized CA$$ CA $$, which can compromise the transaction security. To overcome the aforementioned issues of PKI, three different solutions have been reported in the literature: Log based PKI (LBPKI), Web of Trust (WoT), and blockchain based PKI. The blockchain based PKI achieves more attention as it is the combination of LBPKI and WoT, which serves distributed trust, log of transactions, and constant sized data to verify the identity of users. Motivated by these facts, this article reports a blockchain‐based PKI system which has a lighter smart contract and less storage capacity and is also suitable for lightweight applications. The lighter smart contract in our infrastructure uses a threshold0.3emvalue$$ threshold\kern0.3em value $$, which validates the limit of one participating node for becoming the CA$$ CA $$ of any transaction inside the network. This approach can prevent distributed denial of service (DDoS) attacks. This smart contract also checks the signer node address. The proposed smart contract can prevent seven cyber attacks, such as Denial of Service (DoS), Man in the Middle Attack (MITM), Distributed Denial of Service (DDoS), 51%, Injection attacks, Routing Attack, and Eclipse attack. The Delegated Proof of Stake (DPoS) consensus algorithm used in this model reduces the number of validators for each transaction which makes it suitable for lightweight applications. The timing complexity of key/certificate validation and signature/certificate revocation processes do not depend on the number of transactions. The comparisons of various timing parameters with existing solutions show that the proposed PKI is competitively better.

show abstract

Section: Related Workmentioning

confidence: 99%

“…The Notary‐based PKI (NBPKI) 16 approach creates a group of trustworthy individuals known as notarial authorities (NA). The NA confirms the reliability of a certificate for validating a certain signature at a specified time.…”

Section: Introductionmentioning

confidence: 99%

Smart contract assisted blockchain based public key infrastructure system

Panigrahi

Nayak

Paul

2022

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…The Notary-based PKI (NBPKI) 19 approach creates a group of trustworthy individuals known as Notarial Authorities (NA).…”

Section: Pki Without Blockchainmentioning

confidence: 99%

“…The certificates issued by the local authority are stored by a third party, which are trimmed to SPoF. In NBPKI 19 RA is in charge of authenticating the user's identification, and the NA maintains the user's status as trusted or untrusted based on the RA's decision. The malicious RA has the potential to compromise the system's integrity.…”

Section: Critical Analysismentioning

confidence: 99%

Smart Contract Assisted Blockchain based PKI System

Panigrahi¹,

Nayak²,

Paul³

2022

Preprint

View full text Add to dashboard Cite

Public Key Infrastructure (PKI) is a reliable solution for Internet communication. PKI finds applications in secure email, virtual private network (VPN), e-commerce, e-governance, etc. It provides a secure mechanism to authenticate users and communications. The conventional PKI system is centralized, which exposes the infrastructure to many security issues. The digital certificate generation and validation processes in PKI suffer from high latency and inadequate authentication processes. Moreover, it needs enormous time and effort to mitigate the malfeasance of the Certificate Authority (CA). The complexity of employing the traditional key and certificate management increases by enforcing the centralized , which can compromise the transaction security. To overcome the aforementioned issues of PKI, three different solutions have been reported in the literature: Log based PKI (LBPKI),Web of Trust (WoT), and blockchain based PKI. The blockchain based PKI achieves more attention as it is the combination of LBPKI and WoT, which serves distributed trust, log of transactions, and constant sized data to verify the identity of users. Motivated by these facts, this article reports a blockchain-based PKI system which has a lighter smart contract and less storage capacity and is also suitable for lightweight applications. The lighter smart contract in our infrastructure uses a ℎ ℎ , which validates the limit of one participating node for becoming the of any transaction inside the network. This approach can prevent distributed denial of service (DDoS) attacks. This smart contract also checks the signer node address. The proposed smart contract can prevent seven cyber attacks, such as Denial of Service (DoS), Man in the Middle Attack (MITM), Distributed Denial of Service (DDoS), 51%, Injection attacks, Routing Attack, and Eclipse attack. The Delegated Proof of Stake (DPoS) consensus algorithm used in this model reduces the number of validators for each transaction which makes it suitable for lightweight applications. The timing complexity of key/certificate validation and signature/certificate revocation processes do not depend on the number of transactions. The comparisons of various timing parameters with existing solutions show that the proposed PKI is competitively better.

show abstract

“…Another possible solution to the conventional PKI system is the W ebof T rust(W oT ) based PKI. The W ebof T rust(W oT ) includes notary-based solutions such as LocalP KI [ [14] and N otary−basedP KI [15] that are intended to offer different PKI systems that enable the end-user to use their known trusted node to act as the CA. In this type of PKI, the N otaryAuthorities(N As) replaced CAs to store the only signed hash of the certificate and its serial number in the database.…”

Section: Introductionmentioning

confidence: 99%

CTB-PKI: Clustering and Trust Enabled Blockchain Based PKI System for Efficient Communication in P2P Network

et al. 2022

View full text Add to dashboard Cite

The decentralization feature of public and private blockchain-based applications is achieved by selecting different nodes as validator or Certificate Authority (CA) for each transaction. Public blockchain uses Proof of Work (PoW) to search for the validator. PoW causes an enormous amount of energy. Therefore, Proof of Stake (P oS), and Proof of Authority (P oA) emerged as alternate solutions. Selection of a new CA using P oS or P oA algorithms for each transaction may improve transaction security. However, a network may have a large number of transactions, and selecting a CA for each transaction using P oS or P oA may cause a significant amount of block propagation delay. Moreover, an increase in the number of participant nodes may increase the block propagation delay even further. Therefore, higher block propagation delay reduces network efficiency drastically. This paper proposes a different approach to increase the efficiency of Blockchain-based Public Key Infrastructure (BC − P KI). The proposed approach creates clusters of participant nodes based on their validation time, response time, and trust. This method selects a cluster based on the budget of response time and validation time given by the node that intends to start a transaction. Thereafter, the node which has the highest trust in that cluster is chosen as a CA for the next transaction. Instead of searching on all participant nodes, our approach searches on the nodes of the chosen cluster which reduces the searching space of the CA selection process. This research work adopts a trust evaluation approach where the trust factor is quantified based on its experience and reputation. The node trust is reevaluated after every successful and unsuccessful transaction. A node that performs more successful transactions has more trust value. The node that has a higher trust value has a higher probability to be selected as a CA for a transaction. The trust reevaluation process is followed by the clustering process. The result shows the proposed approach can reduce ∼38.5% response time and ∼2.2% validation time as compared to infrastructure which does not implement clustering. Additionally, the proposed CT B − P KI can be used in Blockchain 2.0 and Blockchain 3.0-related applications.

show abstract

The Notary Based PKI

Cited by 9 publications

References 12 publications

Smart contract assisted blockchain based public key infrastructure system

Smart contract assisted blockchain based public key infrastructure system

Smart Contract Assisted Blockchain based PKI System

CTB-PKI: Clustering and Trust Enabled Blockchain Based PKI System for Efficient Communication in P2P Network

Contact Info

Product

Resources

About