nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Towards a Smart Contract-Based, Decentralized, Public-Key Infrastructure

verfasst von : Christos Patsonakis, Katerina Samari, Mema Roussopoulos, Aggelos Kiayias

Erschienen in: Cryptology and Network Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Public-key infrastructures (PKIs) are an integral part of the security foundations of digital communications. Their widespread deployment has allowed the growth of important applications, such as, internet banking and e-commerce. Centralized PKIs (CPKIs) rely on a hierarchy of trusted Certification Authorities (CAs) for issuing, distributing and managing the status of digital certificates, i.e., unforgeable data structures that attest to the authenticity of an entity’s public key. Unfortunately, CPKI’s have many downsides in terms of security and fault tolerance and there have been numerous security incidents throughout the years. Decentralized PKIs (DPKIs) were proposed to deal with these issues as they rely on multiple, independent nodes. Nevertheless, decentralization raises other concerns such as what are the incentives for the participating nodes to ensure the service’s availability.

In our work, we leverage the scalability, as well as, the built-in incentive mechanism of blockchain systems and propose a smart contract-based DPKI. The main barrier in realizing a smart contract-based DPKI is the size of the contract’s state which, being its most expensive resource to access, should be minimized for a construction to be viable. We resolve this problem by proposing and using in our DPKI a public-state cryptographic accumulator with constant size, a cryptographic tool which may be of independent interest in the context of blockchain protocols. We also are the first to formalize the DPKI design problem in the Universal Composability (UC) framework and formally prove the security of our construction under the strong RSA assumption in the Random Oracle model and the existence of an ideal smart contract functionality.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel A New Approach to Deanonymization of Unreachable Bitcoin Nodes

Nächstes Kapitel Secure Code Updates for Smart Embedded Devices Based on PUFs

Nur mit Berechtigung zugänglich

As we explained in Sect. 5, a set \(X_2'\) is derived by \(DBstate'\) in the following way: For any record of the form \((\mathsf {Register}, id, pk, i, W_1, W_2,W_3)\), (id, i, a) is added to \(X_2\) and for any record of the form \((\mathsf {Revoke}, id, pk, i)\), (id, i, d) is added to \(X_2\).

ASCAP, PRS and SACEM join forces for blockchain copyright system. https://tinyurl.com/y7aruwlw. Accessed 06 July 2017

Emercoin - distributed blockchain services for business and personal use. http://www.emercoin.com. Accessed 30 Sept 2010

Final report on diginotar hack shows total compromise of ca servers. https://tinyurl.com/hnmuahc. Accessed 07 Apr 2017

Google takes symantec to the woodshed for mis-issuing 30,000 HTTPS certs. https://tinyurl.com/kwkvfur. Accessed 07 Apr 2017

IBM pushes blockchain into the supply chain. https://tinyurl.com/yazgt9pk. Accessed 06 July 2017

Namecoin. https://namecoin.org/. Accessed 07 Apr 2017

Swiss industry consortium to use Ethereum’s blockchain. https://tinyurl.com/zlbfmnt. Accessed 06 July 2017

Trustwave admits it issued a certificate to allow company to run man-in-the-middle attacks. https://tinyurl.com/ycfv6kfs. Accessed 07 Apr 2017

Aberer, K.: P-grid: a self-organizing access structure for P2P information systems. In: Batini, C., Giunchiglia, F., Giorgini, P., Mecella, M. (eds.) CoopIS 2001. LNCS, vol. 2172, pp. 179–194. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44751-2_15CrossRefMATH

10.

Avramidis, A., Kotzanikolaou, P., Douligeris, C., Burmester, M.: Chord-PKI: a distributed trust infrastructure based on P2P networks. Comput. Netw. 56, 378–398 (2012)CrossRef

11.

Badertscher, C., Maurer, U., Tschudi, D., Zikas, V.: Bitcoin as a transaction ledger: a composable treatment. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 324–356. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_11CrossRef

12.

Baldimtsi, F., et al.: Accumulators with applications to anonymity-preserving revocation. In: EuroS&P (2017)

13.

Barić, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997). https://doi.org/10.1007/3-540-69053-0_33CrossRef

14.

Benaloh, J., de Mare, M.: One-way accumulators: a decentralized alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_24CrossRef

15.

Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_5CrossRef

16.

Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. IACR Cryptology ePrint Archive 2000:67 (2000)

17.

Carter, L., Wegman, M.N.: Universal classes of hash functions. J. Comput. Syst. Sci. 18(2), 143–154 (1979)MathSciNetCrossRef

18.

Datta, A., Hauswirth, M., Aberer, K.: Beyond “web of trust”: enabling P2P e-commerce. In: CEC 2003, pp. 303–312 (2003)

19.

Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45748-8_24CrossRef

20.

Ellison, C., Schneier, B.: Ten risks of PKI: what you’re not being told about public key infrastructure (2000)

21.

Fromknecht, C., Velicanu, D., Yakoubov, S.: A decentralized public key infrastructure with identity retention. IACR (2014)

22.

Garay, J., Kiayias, A., Leonardos, N.: The bitcoin backbone protocol: analysis and applications. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 281–310. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_10CrossRef

23.

Garay, J., Kiayias, A., Leonardos, N.: The bitcoin backbone protocol with chains of variable diculty. IACR Cryptology ePrint Archive (2016)

24.

Gennaro, R., Halevi, S., Rabin, T.: Secure hash-and-sign signatures without the random oracle. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 123–139. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_9CrossRef

25.

Gipp, B., Meuschke, N., Gernandt, A.: Decentralized trusted timestamping using the crypto currency bitcoin. CoRR, abs/1502.04015 (2015)

26.

Jhanwar, M.P., Safavi-Naini, R.: Compact accumulator using lattices. In: Chakraborty, R.S., Schwabe, P., Solworth, J. (eds.) SPACE 2015. LNCS, vol. 9354, pp. 347–358. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24126-5_20CrossRef

27.

Karakaya, M., Korpeoglu, I., Ulusoy, Ö.: Free riding in peer-to-peer networks. IEEE Internet Comput. 13(2), 92–98 (2009)CrossRef

28.

Lesueur, F., Me, L., Tong, V.V.T.: An efficient distributed PKI for structured P2P networks. In IEEE P2PC (2009)

29.

Li, J., Li, N., Xue, R.: Universal accumulators with efficient nonmembership proofs. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 253–269. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-72738-5_17CrossRef

30.

Maymounkov, P., Mazières, D.: Kademlia: a peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45748-8_5CrossRefMATH

31.

Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. http://bitcoin.org/bitcoin.pdf. Accessed 07 Apr 2017

32.

Nguyen, L.: Accumulators from bilinear pairings and applications. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 275–292. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30574-3_19CrossRef

33.

Nyberg, K.: Fast accumulated hashing. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 83–87. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-60865-6_45CrossRefMATH

34.

Reiter, M.K.: Franklin, M.K., Lacy, J.B., Wright, R.N.: The \(\omega \) key management service. In: CCS 1996 (1996)

35.

Reyzin, L., Yakoubov, S.: Efficient asynchronous accumulators for distributed PKI. In: Zikas, V., De Prisco, R. (eds.) SCN 2016. LNCS, vol. 9841, pp. 292–309. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44618-9_16CrossRefMATH

36.

Sander, T.: Efficient accumulators without trapdoor extended abstract. In: Varadharajan, V., Mu, Y. (eds.) ICICS 1999. LNCS, vol. 1726, pp. 252–262. Springer, Heidelberg (1999). https://doi.org/10.1007/978-3-540-47942-0_21CrossRef

37.

Wouhaybi, R.H., Campbell, A.T.: Keypeer: a scalable, resilient distributed public-key system using chord (2008)

38.

Yüce, E., Selçuk, A.A.: Server notaries: a complementary approach to the web PKI trust model. IACR Cryptology ePrint Archive 2016:126 (2016)

39.

Zhou, L., Schneider, F.B., Van Renesse, R.: COCA: a secure distributed online certification authority. ACM Trans. Comput. Syst. 20, 329–368 (2002)CrossRef

40.

Zimmermann, P.: Pretty good privacy. https://philzimmermann.com

Titel: Towards a Smart Contract-Based, Decentralized, Public-Key Infrastructure
verfasst von: Christos Patsonakis
Katerina Samari
Mema Roussopoulos
Aggelos Kiayias
Verlag: Springer International Publishing
Buch: Cryptology and Network Security
Print ISBN: 978-3-030-02640-0

Electronic ISBN: 978-3-030-02641-7

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-030-02641-7_14

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"