Abstract
Blockchain-based Public Key Infrastructure (PKI) is still at an early stage of R&D and suffers from many shortcomings, such as its reliance on a centralized Certificate Authority (CA), a faulty identity registration and verification mechanism, and difficulty in certificate management. As a result, existing blockchain-based PKI has trouble adapting to a distributed network. We therefore propose Dizar, a distributed PKI architecture based on a permissioned blockchain. The Dizar architecture is designed with a distributed ledger operation system that can verify security. Based on no certificate authentication, electronic certificates with legal identities in the network are registered in a secure and verifiable permissioned blockchain, thus realizing full-cycle management of the issued electronic certificates. The performance of Dizar is analyzed and compared with previous protocols. The results show that the Dizar architecture has better adaptability to a distributed network.
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Dai, Q., Xu, K., Dai, L., Guo, S. (2020). Dizar: An Architecture of Distributed Public Key Infrastructure Based on Permissoned Blockchain. In: Si, X., et al. Blockchain Technology and Application. CBCC 2019. Communications in Computer and Information Science, vol 1176. Springer, Singapore. https://doi.org/10.1007/978-981-15-3278-8_11
DOI: https://doi.org/10.1007/978-981-15-3278-8_11
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-3277-1
Online ISBN: 978-981-15-3278-8
eBook Packages: Computer Science, Computer Science (R0)