Implementing a Smart Contract PKI

Public key infrastructures (PKIs) provide the foundations for securing Internet communications. Currently, PKIs are operated by centralized authorities, which have been involved in numerous security incidents. Blockchain or smart contract PKIs employ their distributed, fault-tolerant log of transactions to store either all identity records or constant-sized data to verify identity records stored off-chain. However, as most of these systems have never been implemented, there is little information regarding their practical implications. In this article, we implement, evaluate, and provide a complete security proof for the smart contract-based PKI of (Patsonakis et al.) on Ethereum. This construction incurs constant-sized storage at the expense of computational complexity. To explore this tradeoff, we propose and implement a second construction which eliminates the need for trusted setup and preserves its security properties, and we show that it is the only version with constant-sized state that can be deployed on Ethereum's live chain. We compare these constructions with the simple approach of storing all identity records on the smart contract's state, to illustrate several shortcomings of Ethereum and its cost model. We propose several modifications for fine-tuning the model, which should be considered for any smart contract platform like Ethereum so that it may support arbitrary distributed applications.
