Turning Trust Around: Smart Contract-Assisted Public Key Infrastructure

Ahmed, Abu Shohel; Aura, Tuomas

doi:10.1109/trustcom/bigdatase.2018.00026

Cited by 14 publications

(5 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Lei et al [21] propose an efcient certifcate revocation scheme in vehicle communication systems (VCS). Ahmed and Aura [22] propose a SC-assisted public key infrastructure (SCP) to manage certifcate trust statuses. CAs and domain owners register and publish their certifcate policies on the blockchain such that each participant can verify the trust status of certifcates.…”

Section: Related Workmentioning

confidence: 99%

Distributed Public Key Certificate-Issuing Infrastructure for Consortium Certificate Authority Using Distributed Ledger Technology

Kumagai

Kakei

Shiraishi

et al. 2023

Security and Communication Networks

View full text Add to dashboard Cite

With the development of cloud services and the Internet of Things, the integration of heterogeneous systems is becoming increasingly complex. Identity management is important in the coordination of various systems, and public key infrastructure (PKI) is widely known as an identity management methods. In PKI, a certificate authority (CA) acts as a trust point to guarantee the identity of entities such as users, devices, and services. However, traditional CAs that delegate the operations to a specific organization are not always suitable for heterogeneous services, and a new methodology is required to enable multiple stakeholders to securely and cooperatively operate a CA. In this study, we introduce the concept of a consortium CA and propose a distributed public key certificate-issuing infrastructure that realizes a consortium CA. The proposed infrastructure enables multiple organizations to cooperatively operate a CA suitable for services involving multiple stakeholders. We identify four requirements for the cooperative operation of a consortium CA and design the proposed infrastructure with distributed ledger technology. Furthermore, we present the implementation of smart contracts with Hyperledger Fabric and prove that the proposed infrastructure satisfies the four requirements. Finally, we confirm that certificate issuance and verification are stable at approximately 4 and 3 ms, respectively.

show abstract

Section: Related Workmentioning

confidence: 99%

Distributed Public Key Certificate-Issuing Infrastructure for Consortium Certificate Authority Using Distributed Ledger Technology

Kumagai

Kakei

Shiraishi

et al. 2023

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Bloockchain based PKI [17][18][19][20][21][22][23][24][25][26][27][28] This paper primarily addresses eight attributes to compare different PKI system such as feature, type of blockchain network, blockchain platform, certificate, trust model, off-chain storage, on-chain and time complexity. Table 1 shows the detailed study of different blockchain based PKI systems.…”

Section: 12mentioning

confidence: 99%

“…When new anonymous node requests to join the network, the entire network is disrupted until the joining request is processed. The developed PKI

TTA\kern0.3em SC

in article 22 suffers from the loss of control issue over the blockchain network if it loses the key pair of the lead node under some cyber‐attacks. The DDoS attack to a particular lead node can make the system destabilized.…”

Section: Implementation and Comparisonmentioning

confidence: 99%

Smart contract assisted blockchain based public key infrastructure system

Panigrahi

Nayak

Paul

2022

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Public key infrastructure (PKI) is a reliable solution for Internet communication. PKI finds applications in secure email, virtual private network (VPN), e‐commerce, e‐governance, and so on. It provides a secure mechanism to authenticate users and communications. The conventional PKI system is centralized, which exposes the infrastructure to many security issues. The digital certificate generation and validation processes in PKI suffer from high latency and inadequate authentication processes. Moreover, it needs enormous time and effort to mitigate the malfeasance of the certificate authority (CA). The complexity of employing the traditional key and certificate management increases by enforcing the centralized CA$$ CA $$, which can compromise the transaction security. To overcome the aforementioned issues of PKI, three different solutions have been reported in the literature: Log based PKI (LBPKI), Web of Trust (WoT), and blockchain based PKI. The blockchain based PKI achieves more attention as it is the combination of LBPKI and WoT, which serves distributed trust, log of transactions, and constant sized data to verify the identity of users. Motivated by these facts, this article reports a blockchain‐based PKI system which has a lighter smart contract and less storage capacity and is also suitable for lightweight applications. The lighter smart contract in our infrastructure uses a threshold0.3emvalue$$ threshold\kern0.3em value $$, which validates the limit of one participating node for becoming the CA$$ CA $$ of any transaction inside the network. This approach can prevent distributed denial of service (DDoS) attacks. This smart contract also checks the signer node address. The proposed smart contract can prevent seven cyber attacks, such as Denial of Service (DoS), Man in the Middle Attack (MITM), Distributed Denial of Service (DDoS), 51%, Injection attacks, Routing Attack, and Eclipse attack. The Delegated Proof of Stake (DPoS) consensus algorithm used in this model reduces the number of validators for each transaction which makes it suitable for lightweight applications. The timing complexity of key/certificate validation and signature/certificate revocation processes do not depend on the number of transactions. The comparisons of various timing parameters with existing solutions show that the proposed PKI is competitively better.

show abstract

“…When new anonymous node requests to join the network, the entire network is disrupted until the joining request is processed. The developed PKI in article 25 suffers from the loss of control issue over the blockchain network if it loses the key pair of the lead node under some cyber attacks. The DDoS attack to a particular lead node can make the system destabilized.…”

Section: Critical Analysismentioning

confidence: 99%

Smart Contract Assisted Blockchain based PKI System

Panigrahi¹,

Nayak²,

Paul³

2022

Preprint

View full text Add to dashboard Cite

Public Key Infrastructure (PKI) is a reliable solution for Internet communication. PKI finds applications in secure email, virtual private network (VPN), e-commerce, e-governance, etc. It provides a secure mechanism to authenticate users and communications. The conventional PKI system is centralized, which exposes the infrastructure to many security issues. The digital certificate generation and validation processes in PKI suffer from high latency and inadequate authentication processes. Moreover, it needs enormous time and effort to mitigate the malfeasance of the Certificate Authority (CA). The complexity of employing the traditional key and certificate management increases by enforcing the centralized , which can compromise the transaction security. To overcome the aforementioned issues of PKI, three different solutions have been reported in the literature: Log based PKI (LBPKI),Web of Trust (WoT), and blockchain based PKI. The blockchain based PKI achieves more attention as it is the combination of LBPKI and WoT, which serves distributed trust, log of transactions, and constant sized data to verify the identity of users. Motivated by these facts, this article reports a blockchain-based PKI system which has a lighter smart contract and less storage capacity and is also suitable for lightweight applications. The lighter smart contract in our infrastructure uses a ℎ ℎ , which validates the limit of one participating node for becoming the of any transaction inside the network. This approach can prevent distributed denial of service (DDoS) attacks. This smart contract also checks the signer node address. The proposed smart contract can prevent seven cyber attacks, such as Denial of Service (DoS), Man in the Middle Attack (MITM), Distributed Denial of Service (DDoS), 51%, Injection attacks, Routing Attack, and Eclipse attack. The Delegated Proof of Stake (DPoS) consensus algorithm used in this model reduces the number of validators for each transaction which makes it suitable for lightweight applications. The timing complexity of key/certificate validation and signature/certificate revocation processes do not depend on the number of transactions. The comparisons of various timing parameters with existing solutions show that the proposed PKI is competitively better.

show abstract

Turning Trust Around: Smart Contract-Assisted Public Key Infrastructure

Cited by 14 publications

References 8 publications

Distributed Public Key Certificate-Issuing Infrastructure for Consortium Certificate Authority Using Distributed Ledger Technology

Distributed Public Key Certificate-Issuing Infrastructure for Consortium Certificate Authority Using Distributed Ledger Technology

Smart contract assisted blockchain based public key infrastructure system

Smart Contract Assisted Blockchain based PKI System

Contact Info

Product

Resources

About