Privacy-awareness in blockchain-based PKI

Conventional public key infrastructure (PKI) designs are not optimal and contain security flaws; there is much work underway in improving PKI. The properties given by the Bitcoin blockchain and its derivatives are a natural solution to some of the problems with PKI - in particular, certificate transparency and elimination of single points of failure. Recently-proposed blockchain PKI designs are built as public ledgers linking identity with public key, giving no provision of privacy. We consider the suitability of a blockchain-based PKI for contexts in which PKI is required, but in which linking of identity with public key is undesirable; specifically, we show that blockchain can be used to construct a privacy-aware PKI while simultaneously eliminating some of the problems encountered in conventional PKI.

[1]  Roy H. Campbell,et al.  Towards Security and Privacy for Pervasive Computing , 2002, ISSS.

[2]  Ivan Visconti,et al.  An Anonymous Credential System and a Privacy-Aware PKI , 2003, ACISP.

[3]  Marcin Andrychowicz,et al.  Distributed Cryptography Based on the Proofs of Work , 2014, IACR Cryptol. ePrint Arch..

[4]  Wei Ren,et al.  Efficient user revocation for privacy-aware PKI , 2008, QShine '08.

[5]  Jan Camenisch,et al.  Untraceable RFID tags via insubvertible encryption , 2005, CCS '05.

[6]  Marc Langheinrich,et al.  Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems , 2001, UbiComp.

[7]  Jonathan Katz,et al.  KeyChains: A Decentralized Public-Key Infrastructure , 2006 .

[8]  Roy H. Campbell,et al.  A flexible, privacy-preserving authentication framework for ubiquitous computing environments , 2002, Proceedings 22nd International Conference on Distributed Computing Systems Workshops.

[9]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[10]  Ghassan O. Karame,et al.  Evaluating User Privacy in Bitcoin , 2013, Financial Cryptography.

[11]  Ke Zeng,et al.  Pseudonymous PKI for Ubiquitous Computing , 2006, EuroPKI.

[12]  Dragos Velicanu,et al.  A Decentralized Public Key Infrastructure with Identity Retention , 2014, IACR Cryptol. ePrint Arch..

[13]  Elaine Shi,et al.  TACKing Together Efficient Authentication, Revocation, and Privacy in VANETs , 2009, 2009 6th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[14]  Brent Waters,et al.  Receiver anonymity via incomparable public keys , 2003, CCS '03.

[15]  Dragos Velicanu,et al.  CertCoin : A NameCoin Based Decentralized Authentication System 6 . 857 Class Project , 2014 .

[16]  S A R A H M E I K L E J O H N,et al.  A Fistful of Bitcoins Characterizing Payments Among Men with No Names , 2013 .

[17]  Stefan A. Brands,et al.  Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy , 2000 .

[18]  Alex Pentland,et al.  Enigma: Decentralized Computation Platform with Guaranteed Privacy , 2015, ArXiv.

[19]  Kazuomi Oishi,et al.  Anonymous Public Key Certificates and their Applications , 1998 .