A Blockchain-Based PKI Management Framework

Yakubov, Alexander; Shbair, Wazen; Wallbom, Anders; Sanda, David; State, Radu

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

Yakubov, Alexander; Shbair, Wazen; Wallbom, Anders et al.

2018 • In The First IEEE/IFIP International Workshop on Managing and Managed by Blockchain (Man2Block) colocated with IEEE/IFIP NOMS 2018, Tapei, Tawain 23-27 April 2018

Peer reviewed

Permalink
https://hdl.handle.net/10993/35468

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

blockchain-based-pki.pdf

Author postprint (128.71 kB)

Download

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Blockchain; PKI

Abstract :

[en] Public-Key Infrastructure (PKI) is the cornerstone technology that facilitates secure information exchange over the Internet. However, PKI is exposed to risks due to potential failures of Certificate Authorities (CAs) that may be used to issue unauthorized certificates for end-users. Many recent breaches show that if a CA is compromised, the security of the corresponding end-users will be in risk. As an emerging solution, Blockchain technology potentially resolves the problems of traditional PKI systems - in particular, elimination of single point-of-failure and rapid reaction to CAs shortcomings. Blockchain has the ability to store and manage digital certificates within a public and immutable ledger, resulting in a fully traceable history log. In this paper we designed and developed a blockchain-based PKI management framework for issuing, validating and revoking X.509 certificates. Evaluation and experimental results confirm that the proposed framework provides more reliable and robust PKI systems with modest maintenance costs.

Research center :

Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Services and Data management research group (SEDAN)

Disciplines :

Computer science

Author, co-author :

Yakubov, Alexander ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Shbair, Wazen ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Wallbom, Anders; Nexus Group

Sanda, David; Nexus Group

State, Radu ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

External co-authors :

yes

Language :

English

Title :

A Blockchain-Based PKI Management Framework

Publication date :

2018

Event name :

IEEE/IFIP Man2Block

Event organizer :

IEEE/IFIP

Event place :

Taipei, Taiwan

Event date :

from 23-04-2018 to 27-04-2018

Audience :

International

Main work title :

The First IEEE/IFIP International Workshop on Managing and Managed by Blockchain (Man2Block) colocated with IEEE/IFIP NOMS 2018, Tapei, Tawain 23-27 April 2018

Peer reviewed :

Peer reviewed

Focus Area :

Computational Sciences

Available on ORBilu :

since 14 April 2018

Statistics

Number of views

3553 (20 by Unilu)

Number of downloads

8721 (21 by Unilu)

More statistics

Scopus citations^®

129

Scopus citations^®
without self-citations

128

Bibliography

J. Yu and M. Ryan, "Evaluating web pkis," in Software Architecture for Big Data and the Cloud. Elsevier, 2017, pp. 105-126.
D. Cooper, "Internet x. 509 public key infrastructure certificate and certificate revocation list (crl) profile," 2008.
H. Anada, J. Kawamoto, J. Weng, and K. Sakurai, "Identity-embedding method for decentralized public-key infrastructure," in International Conference on Trusted Systems. Springer, 2014, pp. 1-14.
J. Prins and B. U. Cybercrime, "Diginotar certificate authority breach'operation black tulip'," 2011.
B. Laurie, A. Langley, and E. Kasper, "Certificate transparency," Tech. Rep., 2013.
S. Matsumoto and R. M. Reischuk, "Ikp: Turning a pki around with blockchains." IACR Cryptology ePrint Archive, vol. 2016, p. 1018, 2016.
S. Matsumoto, P. Szalachowski, and A. Perrig, "Deployment challenges in log-based pki enhancements," in Proceedings of the Eighth European Workshop on System Security. ACM, 2015, p. 1.
K. Lewison and F. Corella, "Backing rich credentials with a blockchain pki," 2016.
L. Axon and M. Goldsmith, "PB-PKI: A privacy-aware blockchain-based PKI," in Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017)-Volume 4: SECRYPT, Madrid, Spain, July 24-26, 2017., 2017, pp. 311-318. [Online]. Available: https://doi.org/10.5220/0006419203110318
C. Fromknecht, D. Velicanu, and S. Yakoubov, "Certcoin: A namecoin based decentralized authentication system," Massachusetts Inst. Tech¬no!, Cambridge, MA, USA, Tech. Rep, vol. 6, 2014.
Mozilla included ca certificate list," 2017.
E. Androulaki, C. Cachin, A. D. Caro, A. Sorniotti, and M. Vukolic, "Permissioned blockchains and hyperledger fabric," ERCIM News, vol. 2017, no. 110, 2017. [Online]. Available: https://ercim-news.ercim.eu/ enllO/special/permissioned-blockchains-and-hyperledger-fabric
A. J. Nicholas Stifter and E. Weippl, "A holistic approach to smart contract security," ERCIM News, vol. 2017, no. 110, 2017. [Online]. Available: https://ercim-news.ercim.eu/enllO/special/ a-holistic-approach-to-smart-contract-security
M. Ali, J. C. Nelson, R. Shea, and M. J. Freedman, "Blockstack: A global naming and storage system secured by blockchains." in USENIX Annual Technical Conference, 2016, pp. 181-194.
M. Alicherry and A. D. Keromytis, "Doublecheck: Multi-path verifica¬tion against man-in-The-middle attacks," in Computers and communica¬tions, 2009. iscc 2009. ieee symposium on. IEEE, 2009, pp. 557-563.
Blockchain &cyber security, let's discuss," 2017. [On¬line]. Available: https://www2.deloitte.com/content/dam/Deloitte/ie/ Documents/Technology/IECBlockchainandCyberPOV0417.pdf