PKChain: Compromise-Tolerant and Verifiable Public Key Management System
- Mosakheil, JH; Yang, K
- 2025
【Author】 Mosakheil, Jamal H.; Yang, Kan
【Source】IEEE INTERNET OF THINGS JOURNAL
【Impact Factor】10.238
【Abstract】Public key management systems enable users to create, validate, and revoke public keys, serving as the foundation of public key cryptography. Traditional public key infrastructure (PKI) systems rely on centralized certificate authorities (CAs) to validate users and manage public keys, but this centralization creates a single point of failure. If a CA is compromised, it can register fake public keys or alter legitimate ones, leading to counterfeit certificates. While blockchain-based approaches decentralize CA authority across multiple entities, these solutions are largely reactive, focusing on certificate issuance and relying on user signatures for validation. They lack a robust mechanism to authenticate and authorize requests before certificate issuance, a crucial step typically managed by registration authorities (RAs) in CA-based PKI systems. To address this gap, we introduce PKChain, a novel compromise-tolerant and verifiable public key management system built on blockchain. PKChain addresses two key challenges: 1) it uses a threshold block validation (TBV) scheme for key request validation, where validators partially validate requests and 2) collaborate for full validation. Once a request gains majority approval, it advances to the aggregated commitment signature (ACS) scheme, where validators collectively issue certificates. By requiring majority approval in the TBV stage before moving to certificate issuance, PKChain ensures proactive security throughout the process. To achieve consensus on validation and issuance, we propose a threshold cryptography-based consensus mechanism called the practical Byzantine compromise-tolerant and verifiable (pBCTV) consensus model, integrating the TBV and ACS schemes with the practical Byzantine fault-tolerance (pBFT) protocol. Security analysis, performance evaluation, and prototype implementation validate PKChain's security, efficiency, and resilience.
【Keywords】Public key; Blockchains; Internet of Things; Collaboration; Monitoring; Consensus protocol; Standards; Smart contracts; Registers; Public key cryptography; Block validation; blockchain; compromise-tolerance; PKChain; public key infrastructure (PKI)
【Publication Date】2025 FEB 1
【Indexed Date】2025-04-07
【Document Type】
【Subject Category】