BPKI: A secure and scalable blockchain-based public key infrastructure system for web services
【Author】 Zhai, Zhonghao; Shen, Subin; Mao, Yanqin
【Source】JOURNAL OF INFORMATION SECURITY AND APPLICATIONS
【Impact Factor】4.960
【Abstract】Frequent attacks on the certificate authority (CA) have exposed the trust problem of the traditional public key infrastructure (PKI) for web services. For example, malicious certificates issued by compromised CAs are used to impersonate existing domains, and revoked certificates are still trusted by clients. Blockchain is considered one of the most promising technologies to enable a more secure and trustworthy PKI. Although many blockchain-based solutions have been proposed to improve or even replace the traditional PKI, some critical issues remain unsolved. On the one hand, all existing blockchain-based solutions are still vulnerable to the domain name preemption attack, in which a malicious or compromised CA registers a certificate for a domain before the rightful domain owner applies for one. On the other hand, almost all blockchain-based solutions ignore the scalability problem and can hardly satisfy the current requirement (46 tx/s) of certificate registrations alone for global web services. In this paper, we propose a secure and scalable blockchain-based PKI solution called BPKI. In BPKI, we introduce new entities called auditors to supervise CAs' certificate registration operations and eliminate the domain name preemption attack. Furthermore, we design a new delegated PBFT (DPBFT) consensus using verifiable pseudo-random functions (VRFs) and a double blockchain structure to solve the scalability problem. It is theoretically proved that BPKI is secure. The simulation and experiment demonstrate that BPKI is superior to the existing blockchain-based PKI solutions in scalability.
【Keywords】Public key infrastructure; Blockchain; Web services; Decentralization; Authentication
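【Publication Date】2022 AUG
【Indexed Date】2022-07-25
【Document Type】Empirical article
【Subject Category】
Blockchain Technology - Core Technology - Encryption Algorithms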