KeyChain: Blockchain-Based Key Distribution

End-to-End Encryption (E2EE) is widely used in messaging services to protect the security of messages, and most E2EE systems are implemented by asymmetric encryption. However, most mechanisms of public key distribution rely on centralized servers, which may cause leakage and tampering of messages if centralized servers are compromised. In this paper, we propose a decentralized key distribution protocol based on blockchain to solve this problem, and we call it KeyChain. Blockchain can build transparent systems without centralized servers and inherently resist tampering with high Byzantine fault tolerance, therefore it is employed in KeyChain to store public-key-to-id bindings. In addition, in KeyChain, every modification of the public key will be added to the blockchain, so that tampering behaviors can be traced; for the purpose of implementing Byzantine fault tolerance by a low computation cost, KeyChain employs Delegated Proof of Stake (DPOS) as the consensus mechanism to avoid waste of computing resources. Our experiments results show that KeyChain can distribute public keys within 1.3 seconds and only cost a client 0.262MB hard disk space in 24 hours.

[1]  Davor Svetinovic,et al.  Security and Privacy in Decentralized Energy Trading Through Multi-Signatures, Blockchain and Anonymous Messaging Streams , 2018, IEEE Transactions on Dependable and Secure Computing.

[2]  Evangelos P. Markatos,et al.  CCSP: A compressed certificate status protocol , 2017, IEEE INFOCOM 2017 - IEEE Conference on Computer Communications.

[3]  Joseph Bonneau,et al.  EthIKS: Using Ethereum to Audit a CONIKS Key Transparency Log , 2016, Financial Cryptography Workshops.

[4]  Angelos D. Keromytis,et al.  DoubleCheck: Multi-path verification against man-in-the-middle attacks , 2009, 2009 IEEE Symposium on Computers and Communications.

[5]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[6]  Srinivas Devadas,et al.  Catena: Efficient Non-equivocation via Bitcoin , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[7]  Mark Ryan,et al.  Enhanced Certificate Transparency and End-to-End Encrypted Mail , 2014, NDSS.

[8]  Hubert Ritzdorf,et al.  On the Security and Performance of Proof of Work Blockchains , 2016, IACR Cryptol. ePrint Arch..

[9]  David Wolinsky,et al.  Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning , 2015, 2016 IEEE Symposium on Security and Privacy (SP).

[10]  Collin Jackson,et al.  Accountable key infrastructure (AKI): a proposal for a public-key validation infrastructure , 2013, WWW.

[11]  Michael J. Freedman,et al.  CONIKS: Bringing Key Transparency to End Users , 2015, USENIX Security Symposium.

[12]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.