Skip to main content
SpringerLink
Log in
Book cover

International Conference on Financial Cryptography and Data Security

FC 2016: Financial Cryptography and Data Security pp 95–105Cite as

EthIKS: Using Ethereum to Audit a CONIKS Key Transparency Log

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9604))

Abstract

CONIKS is a proposed key transparency system which enables a centralized service provider to maintain an auditable yet privacy-preserving directory of users’ public keys. In the original CONIKS design, users must monitor that their data is correctly included in every published snapshot of the directory, necessitating either slow updates or trust in an unspecified third-party to audit that the data structure has stayed consistent. We demonstrate that the data structures for CONIKS are very similar to those used in Ethereum, a consensus computation platform with a Turing-complete programming environment. We can take advantage of this to embed the core CONIKS data structures into an Ethereum contract with only minor modifications. Users may then trust the Ethereum network to audit the data structure for consistency and non-equivocation. Users who do not trust (or are unaware of) Ethereum can self-audit the CONIKS data structure as before. We have implemented a prototype contract for our hybrid EthIKS scheme, demonstrating that it adds only modest bandwidth overhead to CONIKS proofs and costs hundredths of pennies per key update in fees at today’s rates.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    The term “key” is avoided to prevent confusion with cryptographic keys.

  2. 2.

    The number of valid users in the system can be obscured by adding dummy users at random indices with random data, which will be indistinguishable from real users.

  3. 3.

    Note that in CONIKS, warning messages are only intended when the user’s own key has changed unexpectedly at the server. If their peer’s keys change, this is ignored as it is assumed the peer will monitor this change themselves.

  4. 4.

    In Ethereum parlance, the contract closes by calling a special SUICIDE opcode which enables the network to permanently delete its storage.

  5. 5.

    Currently, the mean time between blocks is about 50 % higher due to network latency.

  6. 6.

    This lower bound does not include block’s timestamp and difficulty (which can be compressed), or the bloom filter whose size will vary based on usage.

References

  1. Ethereum Design Rationale (2016). https://github.com/ethereum/wiki/wiki/Design-Rationale

  2. Delmolino, K., Arnett, M., Kosba, A., Miller, A., Shi, E.: A Programmers Guide to Ethereum and Serpent, May 2015

    Google Scholar 

  3. Kalodner, H., Carlsten, M., Ellenbogen, P., Bonneau, J., Narayanan, A.: An empirical study of Namecoin and lessons for decentralized namespace design. In: Workshop on the Economics of Information Security (WEIS), June 2015

    Google Scholar 

  4. Laurie, B., Langley, A., Kasper, E.: Google Inc. RFC 6962 Certificate Transparency, June 2013

    Google Scholar 

  5. Loibl, A.: Namecoin (2014). namecoin.info

  6. Luu, L., Teutsch, J., Kulkarni, R., Saxena, P.: Demystifying incentives in the consensus computer. In: ACM Conference on Computer and Communications Security (CCS) (2015)

    Google Scholar 

  7. Melara, M.S., Blankstein, A., Bonneau, J., Freedman, M.J., Felten, E.W.: CONIKS: bringing key transparency to end users. In: USENIX Security, August 2015

    Google Scholar 

  8. Miller, A., Hicks, M., Katz, J., Shi, E.: Authenticated data structures, generically. In: ACM Conference on Principles of Programming Languages (POPL), January 2014

    Google Scholar 

  9. Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2008). http://bitcoin.org/bitcoin.pdf

  10. Unger, N., Dechand, S., Bonneau, J., Fahl, S., Perl, H., Goldberg, I., Smith, M.: SoK: secure messaging. In: IEEE Symposium on Security and Privacy, May 2015

    Google Scholar 

  11. Wood, G.: Ethereum: a secure decentralized transaction ledger (2014). http://gavwood.com/paper.pdf

Download references

Author information

Authors and Affiliations

  1. Electronic Frontier Foundation, Stanford University, Stanford, USA

    Joseph Bonneau

Authors
  1. Joseph Bonneau
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Joseph Bonneau .

Editor information

Editors and Affiliations

  1. Concordia University, Montreal, Québec, Canada

    Jeremy Clark

  2. University College London, London, United Kingdom

    Sarah Meiklejohn

  3. Université du Luxembourg, Luxembourg, Luxembourg

    Peter Y.A. Ryan

  4. Rice University, Houston, Texas, USA

    Dan Wallach

  5. Leibniz Universität Hannover, Hannover, Germany

    Michael Brenner

  6. New Jersey Institute of Technology, Newark, New Jersey, USA

    Kurt Rohloff

Rights and permissions

Reprints and permissions

Copyright information

© 2016 International Financial Cryptography Association

About this paper

Cite this paper

Bonneau, J. (2016). EthIKS: Using Ethereum to Audit a CONIKS Key Transparency Log. In: Clark, J., Meiklejohn, S., Ryan, P., Wallach, D., Brenner, M., Rohloff, K. (eds) Financial Cryptography and Data Security. FC 2016. Lecture Notes in Computer Science(), vol 9604. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-53357-4_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-53357-4_7

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-53356-7

  • Online ISBN: 978-3-662-53357-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation