A Blockchain-Based PKI Management Framework

YAKUBOV, Alexander; SHBAIR, Wazen; Wallbom, Anders; Sanda, David; STATE, Radu

Communication publiée dans un ouvrage (Colloques, congrès, conférences scientifiques et actes)

YAKUBOV, Alexander; SHBAIR, Wazen; Wallbom, Anders et al.

2018 • In The First IEEE/IFIP International Workshop on Managing and Managed by Blockchain (Man2Block) colocated with IEEE/IFIP NOMS 2018, Tapei, Tawain 23-27 April 2018

Peer reviewed

Permalien
https://hdl.handle.net/10993/35468

Documents (1)Envoyer vers Détails Statistiques Bibliographie Publications similaires

Documents

Texte intégral

blockchain-based-pki.pdf

Postprint Auteur (128.71 kB)

Télécharger

Tous les documents dans ORBilu sont protégés par une licence d'utilisation.

Envoyer vers

RIS BibTex APA Chicago Permalink X Linkedin

Détails

Mots-clés :

Blockchain; PKI

Résumé :

[en] Public-Key Infrastructure (PKI) is the cornerstone technology that facilitates secure information exchange over the Internet. However, PKI is exposed to risks due to potential failures of Certificate Authorities (CAs) that may be used to issue unauthorized certificates for end-users. Many recent breaches show that if a CA is compromised, the security of the corresponding end-users will be in risk. As an emerging solution, Blockchain technology potentially resolves the problems of traditional PKI systems - in particular, elimination of single point-of-failure and rapid reaction to CAs shortcomings. Blockchain has the ability to store and manage digital certificates within a public and immutable ledger, resulting in a fully traceable history log. In this paper we designed and developed a blockchain-based PKI management framework for issuing, validating and revoking X.509 certificates. Evaluation and experimental results confirm that the proposed framework provides more reliable and robust PKI systems with modest maintenance costs.

Centre de recherche :

Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Services and Data management research group (SEDAN)

Disciplines :

Sciences informatiques

Auteur, co-auteur :

YAKUBOV, Alexander ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

SHBAIR, Wazen ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Wallbom, Anders; Nexus Group

Sanda, David; Nexus Group

STATE, Radu ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Co-auteurs externes :

yes

Langue du document :

Anglais

Titre :

A Blockchain-Based PKI Management Framework

Date de publication/diffusion :

2018

Nom de la manifestation :

IEEE/IFIP Man2Block

Organisateur de la manifestation :

IEEE/IFIP

Lieu de la manifestation :

Taipei, Taiwan

Date de la manifestation :

from 23-04-2018 to 27-04-2018

Manifestation à portée :

International

Titre de l'ouvrage principal :

The First IEEE/IFIP International Workshop on Managing and Managed by Blockchain (Man2Block) colocated with IEEE/IFIP NOMS 2018, Tapei, Tawain 23-27 April 2018

Peer reviewed :

Peer reviewed

Focus Area :

Computational Sciences

Disponible sur ORBilu :

depuis le 14 avril 2018

Statistiques

Nombre de vues

4061 (dont 27 Unilu)

Nombre de téléchargements

9595 (dont 24 Unilu)

Voir plus de statistiques

citations Scopus^®

159

citations Scopus^®
sans auto-citations

158

Bibliographie

J. Yu and M. Ryan, "Evaluating web pkis," in Software Architecture for Big Data and the Cloud. Elsevier, 2017, pp. 105-126.
D. Cooper, "Internet x. 509 public key infrastructure certificate and certificate revocation list (crl) profile," 2008.
H. Anada, J. Kawamoto, J. Weng, and K. Sakurai, "Identity-embedding method for decentralized public-key infrastructure," in International Conference on Trusted Systems. Springer, 2014, pp. 1-14.
J. Prins and B. U. Cybercrime, "Diginotar certificate authority breach'operation black tulip'," 2011.
B. Laurie, A. Langley, and E. Kasper, "Certificate transparency," Tech. Rep., 2013.
S. Matsumoto and R. M. Reischuk, "Ikp: Turning a pki around with blockchains." IACR Cryptology ePrint Archive, vol. 2016, p. 1018, 2016.
S. Matsumoto, P. Szalachowski, and A. Perrig, "Deployment challenges in log-based pki enhancements," in Proceedings of the Eighth European Workshop on System Security. ACM, 2015, p. 1.
K. Lewison and F. Corella, "Backing rich credentials with a blockchain pki," 2016.
L. Axon and M. Goldsmith, "PB-PKI: A privacy-aware blockchain-based PKI," in Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017)-Volume 4: SECRYPT, Madrid, Spain, July 24-26, 2017., 2017, pp. 311-318. [Online]. Available: https://doi.org/10.5220/0006419203110318
C. Fromknecht, D. Velicanu, and S. Yakoubov, "Certcoin: A namecoin based decentralized authentication system," Massachusetts Inst. Tech¬no!, Cambridge, MA, USA, Tech. Rep, vol. 6, 2014.
Mozilla included ca certificate list," 2017.
E. Androulaki, C. Cachin, A. D. Caro, A. Sorniotti, and M. Vukolic, "Permissioned blockchains and hyperledger fabric," ERCIM News, vol. 2017, no. 110, 2017. [Online]. Available: https://ercim-news.ercim.eu/ enllO/special/permissioned-blockchains-and-hyperledger-fabric
A. J. Nicholas Stifter and E. Weippl, "A holistic approach to smart contract security," ERCIM News, vol. 2017, no. 110, 2017. [Online]. Available: https://ercim-news.ercim.eu/enllO/special/ a-holistic-approach-to-smart-contract-security
M. Ali, J. C. Nelson, R. Shea, and M. J. Freedman, "Blockstack: A global naming and storage system secured by blockchains." in USENIX Annual Technical Conference, 2016, pp. 181-194.
M. Alicherry and A. D. Keromytis, "Doublecheck: Multi-path verifica¬tion against man-in-The-middle attacks," in Computers and communica¬tions, 2009. iscc 2009. ieee symposium on. IEEE, 2009, pp. 557-563.
Blockchain &cyber security, let's discuss," 2017. [On¬line]. Available: https://www2.deloitte.com/content/dam/Deloitte/ie/ Documents/Technology/IECBlockchainandCyberPOV0417.pdf