Skip to main content
Springer Nature Link
Log in

NoPKI - a Point-to-Point Trusted Third Party Service Based on Blockchain Consensus Algorithm

  • Conference paper
  • First Online:
Frontiers in Cyber Security (FCS 2020)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1286))

Included in the following conference series:

  • 1453 Accesses

Abstract

The increasingly interconnected network results in the change of information flow between users and service providers, hence there is an emerging need for building a secure channel for connections. Currently, Public Key Infrastructure System (shortly PKI), the hierarchical trust relationship system, is the most widely used cornerstone technology to help secure the communication channels. However, PKI recently concerns the users due to various security breaches, i.e., the compromised PKI allows attackers to issue any valid keys to the victim and decrypt any secure connections within the system. In this paper, we design a decentralized PKI system, called NoPKI, by leveraging the blockchain technology. The system has multiple small and trusted groups called the neighborhood, which can be formed dynamically. These neighbors are the players in each neighborhood, and each transaction in the PKI system (including registration, revocation, and validation) requires witnesses of neighbors. In the evaluation, we implement our system and validate that our system ensures not only long-term accessibility but also the certificate security and public audit-ability.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Bahajji, Z.A., Illyes, G.: HTTPS as a ranking signal, Google Webmaster Central Blog, 6 August 2014. https://webmasters.googleblog.com/2014/08/https-as-ranking-signal.html. Accessed 1 Jan 2020

  2. Axon, L., Goldsmith, M.: PB-PKI: a privacy-aware blockchain-based PKI. In: SECRYPT 2017, pp. 311–318 (2017)

    Google Scholar 

  3. Stark, E., Lopez, C.: No more mixed messages about HTTPS, Chromium Blog, 3 October 2019. https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html. Accessed 1 Jan 2020

  4. Prins, J.R.: Interim Report - DigiNotar Certificate Authority breach - Operation Black Tulip,” Fox-IT BV, 5 September 2011. https://www.rijksoverheid.nl/binaries/rijksoverheid/documenten/rapporten/2011/09/05/diginotar-public-report-version-1/rapport-fox-it-operation-black-tulip-v1-0.pdf. Accessed 1 Jan 2020

  5. Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, RFC 5280, May 2008. http://www.ietf.org/rfc/rfc5280.txt

  6. Laurie, B., Langley, A., Kasper, E.: Certificate Transparency, RFC 6962, June 2013. http://www.ietf.org/rfc/rfc6962.txt

  7. O’Hearn, Z.W.: Names: Distributed, Secure, Human-Readable: Choose Two. Zooko.com, 12 October 2001. https://web.archive.org/web/20011020191610/http://zooko.com/distnames.html. Accessed 15 Jan 2020

  8. “Namecoin,” Namecoin. https://namecoin.org. Accessed 15 Jan 2020

  9. “Telemetry Measurement Dashboard,” Mozilla. https://telemetry.mozilla.org. Accessed 24 Feb 2020

  10. Chung, T., et al.: Is the web ready for OCSP must-staple? In: Internet Measurement Conference 2018, pp. 105–118, Boston (2018)

    Google Scholar 

  11. Matsumoto, S., Reischuk, R.M.: IKP: turning PKI around with decentralized automated incentives. In: 2017 IEEE Symposium on Security and Privacy, pp. 410–426, San Jose (2017)

    Google Scholar 

  12. Li, W., Tug, S., Meng, W., Wang, Y.: Designing collaborative blockchained signature-based intrusion detection in IoT environments. Future Gener. Comput. Syst. 96, 481–489 (2019)

    Article  Google Scholar 

  13. Abdul-Rahman, A.: The PGP trust model. EFI-Forum: J. Electron. Commer. 10(3), 27–31 (1997)

    Google Scholar 

  14. Appelbaum J., Muffett A.: The onion Special-Use Domain Name, RFC 7686, October 2015. http://www.ietf.org/rfc/rfc7686.txt

  15. Ryabitsev, K.: PGP Web of Trust: Core Concepts Behind Trusted Communication, The Linux Foundation, 7 February 2014. https://www.linux.com/tutorials/pgp-web-trust-core-concepts-behind-trusted-communication/. Accessed 27 Feb 2020

  16. Karaarslan, E., Adiguzel, E.: Blockchain based DNS and PKI solutions. IEEE Commun. Stand. Mag. 2(3), 52–57 (2018)

    Article  Google Scholar 

  17. Kubilay, M.Y., Kiraz, M.S., Mantar, H.A.: CertLedger: a new PKI model with certificate transparency based on blockchain. Comput. Secur. 85, 333–352 (2019)

    Article  Google Scholar 

  18. NameID - Your Crypto-OpenID, NameID. https://nameid.org. Accessed 28 Feb 2020

  19. Orman, H.: Blockchain: the emperors new PKI? IEEE Internet Comput. 22(2), 23–28 (2018)

    Article  Google Scholar 

  20. Tewari, H., et al.: X509Cloud - framework for a ubiquitous PKI. In: MILCOM 2017–2017 IEEE Military Communications Conference (MILCOM), pp. 225–230, Baltimore (2017)

    Google Scholar 

  21. Ethereum Network Status: Ethereum Network Status. https://ethstats.net. Accessed 28 Feb 2020

  22. Bitcoin Stats: Blockchain.com. https://www.blockchain.com/stats. Accessed 28 Feb 2020

  23. Namecoin (NMC) price stats and information, BitInfoCharts. https://bitinfocharts.com/namecoin/. Accessed 28 Feb 2020

  24. Jakobsson, M., Juels, A.: Proofs of work and bread pudding protocols (extended abstract). In: Preneel, B. (ed.) Secure Information Networks. ITIFIP, vol. 23, pp. 258–272. Springer, Boston, MA (1999). https://doi.org/10.1007/978-0-387-35568-9_18

    Chapter  Google Scholar 

  25. Jiang, W., Li, H., Xu, G., Wen, M., Dong, G., Lin, X.: PTAS: privacy-preserving thin-client authentication scheme in blockchain-based PKI. Future Gener. Comput. Syst. 96, 185–195 (2019)

    Article  Google Scholar 

  26. Ye, C., Li, G., Cai, H., Gu, Y., Fukuda, A.: Analysis of security in blockchain: case study in 51%- attack detecting. In Proceedings of the 5th International Conference on Dependable Systems and Their Applications (DSA), pp. 15–24, Dalian (2018)

    Google Scholar 

  27. Li, W., Meng, W., Liu, Z., Au, M.H.: Towards blockchain-based software-defined networking: security challenges and solutions. IEICE Trans. Inf. Syst. E103CD(2), 196–203 (2020)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Applied Mathematics and Computer Science, Technical University of Denmark, Lyngby, Denmark

    Wei-Yang Chiu, Weizhi Meng & Christian D. Jensen

Authors
  1. Wei-Yang Chiu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Weizhi Meng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Christian D. Jensen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Weizhi Meng .

Editor information

Editors and Affiliations

  1. Tianjin University, Tianjin, China

    Guangquan Xu

  2. Delft University of Technology, Delft, The Netherlands

    Kaitai Liang

  3. University of Aizu, Aizuwakamatsu, Japan

    Chunhua Su

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Chiu, WY., Meng, W., Jensen, C.D. (2020). NoPKI - a Point-to-Point Trusted Third Party Service Based on Blockchain Consensus Algorithm. In: Xu, G., Liang, K., Su, C. (eds) Frontiers in Cyber Security. FCS 2020. Communications in Computer and Information Science, vol 1286. Springer, Singapore. https://doi.org/10.1007/978-981-15-9739-8_16

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-9739-8_16

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-9738-1

  • Online ISBN: 978-981-15-9739-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics