Blockchain-based high transparent PKI authentication protocol
The public key infrastructure (PKI), as a significant component of the current Internet security infrastructure, guarantees the information transmission with the necessary authenticity, integrity, confidentiality and non-repudiation. However, the existing PKI also has shortcomings of excessive power...
Main Authors: | Liquan CHEN, Xiao LI, Zheyi YANG, Sijie QIAN |
---|---|
Format: | Article |
Language: | English |
Published: | POSTS&TELECOM PRESS Co., LTD, 2022-08-01 |
Series: | 网络与信息安全学报 |
Subjects: | |
Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2022052 |
_version_ | 1841529700914036736 |
---|---|
author | Liquan CHEN Xiao LI Zheyi YANG Sijie QIAN |
collection | DOAJ |
description | The public key infrastructure (PKI), as a significant component of the current Internet security infrastructure, guarantees the information transmission with the necessary authenticity, integrity, confidentiality and non-repudiation. However, the existing PKI also has shortcomings of excessive power of the certification authority and difficulties in revoking and querying. Blockchain can be used to solve those problems by leveraging its advantages, such as decentralization, high transparency and flat structure. Furthermore, the ability and efficiency of the entire Internet to establish trust relationships may be improved. A transparent public key infrastructure (PKI) certification protocol based on the blockchain was proposed. The TS-PBFT algorithm was designed in the proposed protocol by applying threshold signature technology to the Practical Byzantine fault tolerance (PBFT) algorithm. The TS-PBFT algorithm reduced the communication overhead by reducing the communication complexity, strengthened supervision by introducing an external monitoring mechanism in the master node election of the view change protocol, and also improved the performance of the consensus mechanism by adding a batch processing mechanism. Moreover, a transparent blockchain-based PKI certification protocol was designed. The proposed protocol increased the security of certificate revocation and query, and it also improved the efficiency of the certificate query through the introduction of counting bloom filters. Besides, the proposed protocol added an audit function to the certificate lifecycle management. Accordingly, it can supervise the behavior of the certificate authority (CA), prompt it to improve security standards, and thereby achieve the purpose of limiting its authority. According to the security analysis and efficiency experiments, the proposed protocol was equipped with security properties, such as resistance to spoofing certificate application attacks, and it achieved the best performance on TLS/SSL handshake time compared with existing PKI protocols. |
format | Article |
id | doaj-art-59b39917d6064ad9936be08b6e4d4f03 |
institution | Kabale University |
issn | 2096-109X |
language | English |
publishDate | 2022-08-01 |
publisher | POSTS&TELECOM PRESS Co., LTD |
record_format | Article |
series | 网络与信息安全学报 |
title | Blockchain-based high transparent PKI authentication protocol |
topic | blockchain; Byzantine fault tolerant; public key infrastructure; authentication protocol |
url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2022052 |