We live in a highly digitized world, and the Internet has become an integral part of our daily lives. According to a Statista survey, daily time spent on the internet worldwide has increased 65% since 2015. These statistics are not surprising: whether you need a new sweater for the cold weather or want your favourite comfort food at midnight, all it takes is a click on Google. So, my question is: in that daily use of the internet, have you ever wondered whether the communication between you and the website you are browsing is safe and private at all? What if another entity intervenes and starts presenting itself as "Amazon.com" or any other website? What assures you that you are indeed communicating with the right entity when you trust it with sensitive information such as your credit card details?
That's where the idea of public key infrastructure (PKI) comes in. Public key infrastructure provides a mechanism for secure communication and a way to manage identities over the internet using centralized certificate authorities.
In this article, we will look at how centralized public key infrastructure works, examine the issues with this choice of PKI, and then explore the concept of decentralized public key infrastructure. We will also see the role of Blockchain in transforming the traditional PKI design.
Any communication happening over the Internet must possess the following two properties for establishing trust:
To provide both of these properties for secure communication over the internet, key management mechanisms and trust models have been devised; these are discussed in the next section.
Before 1976, symmetric-key cryptography was used for secure communication. In this scheme, all communication between two parties is encrypted with a common key K, and the same key both encrypts and decrypts a message. This model requires the key to be shared before any communication takes place. In a dynamic environment like the internet, however, sharing the key in advance is impractical, and the design does not scale: as the number of entities grows, key management becomes the crucial problem. On the other hand, authenticity is straightforward with this technique, since only the parties holding the key can encrypt or decrypt a message, and it is difficult for an adversary to eavesdrop on the communication.
Asymmetric cryptography, also known as public-key cryptography, came along to solve the scalability problem. Public-key cryptography uses two key pairs, one for encryption and one for verification. The public key is available to everyone for encryption: a sender encrypts the message with that public key, and the message can only be decrypted with the associated private key, which is private to the receiver. Think of a box with a lock that has two keys: one key can only lock the box, while the other can only unlock it. To verify the identity of the sender who encrypts a message with the recipient's public key, the second key pair is used, for signing and verification. The sender signs the message with their private key and makes the associated public key available for everyone to verify the signature on the message. The problem with this technique was that the public key alone was not enough to verify the sender's identity. If an adversary compromised the sender's private key, they could easily forge the sender's identity and communicate with the receiver maliciously.
The notion of public key infrastructure was born to address this identity problem with asymmetric cryptography.
According to Wikipedia,
Public key infrastructure is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.
In simpler terms, a public key infrastructure issues digital certificates for the public keys of entities, certifying them as valid entities. PKI also has the ability to revoke certificates if a private key is compromised or an entity misbehaves. The traditional approach introduces certificate authorities (CAs) that register entities and verify that "public key pk belongs to domain x". Certificate authorities provide trust in a network by signing the public key belonging to an entity with the CA's own signature. Anyone who trusts the certificate authority trusts the digital certificates it issues. A root certificate authority can also issue certificates to other, subordinate certificate authorities, thus forming a chain of trust, and sub-CAs can in turn issue certificates to further sub-CAs and to users. Moreover, CAs offer the flexibility of backing up users' private keys, which means CAs can help recover users' keys. This transfers control of your identities and information to third-party CAs. In the past there have been several incidents where certificate authorities misbehaved or were hacked, compromising the whole chain of trust. The DigiNotar incident was one such example: DigiNotar (a Dutch certificate authority) was hacked, with subordinate certificates issued to customers and customers even allowed to issue certificates themselves. Too much trust in a CA therefore raises red flags about the security of the network. A malicious CA can issue certificates to malicious software that appears valid to the browser and operating system during download but is in fact malicious. Moreover, a CA can impersonate any domain and thus eavesdrop on the communication to and from that domain. Hence, a more secure public key infrastructure is needed to address these challenges.
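To make the chain of trust concrete, here is an added Go example (not code from the article) that builds a root CA, has it sign a certificate binding a fresh key to a domain, and checks that leaf against a trust store with Go's standard crypto/x509 package; all keys, CA names and domains are constructed test fixtures. The same check also shows the concern raised above: a verifier accepts a certificate for any domain from any root it trusts, so a misbehaving or compromised trusted CA can vouch for domains it never verified.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// sign has signer issue tmpl under parent and returns the parsed certificate.
func sign(tmpl, parent *x509.Certificate, pub ed25519.PublicKey, signer ed25519.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER we just produced always parses
	return cert
}

// NewCA builds a self-signed root CA; keys are fixtures generated on the fly.
func NewCA(name string) (*x509.Certificate, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name}, IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	return sign(t, t, pub, priv), priv
}

// IssueLeaf has the CA assert "public key pk belongs to domain x".
func IssueLeaf(ca *x509.Certificate, caKey ed25519.PrivateKey, domain string) *x509.Certificate {
	pub, _, _ := ed25519.GenerateKey(rand.Reader) // the domain's own key pair
	t := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: domain}, DNSNames: []string{domain},
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	return sign(t, ca, pub, caKey)
}

// Trusted reports whether leaf chains to a root in pool for domain (any pooled root can vouch for any domain).
func Trusted(leaf *x509.Certificate, pool *x509.CertPool, domain string) bool {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: domain})
	return err == nil
}

func main() {
	root, key := NewCA("Trusted Root CA")
	pool := x509.NewCertPool()
	pool.AddCert(root)
	fmt.Println(Trusted(IssueLeaf(root, key, "example.com"), pool, "example.com")) // true
}
```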
The idea behind decentralized public key infrastructure is to use the properties of Blockchain to solve the challenges and close the security loopholes associated with traditional public key infrastructure. Blockchain solves these PKI problems through its three major properties:
The first property can make certificate issuance fully decentralized, so that no single certificate authority manages the keys and certificates of any entity; instead, the information is stored on a Blockchain that is distributed across the network.
The second property can be used in PKI to give domain owners equal control over their domains. If a fake certificate is issued for their domain, or any malicious activity is going on, it is detected immediately in the network and by the domain owners. Moreover, no entity can falsely pretend to be another entity, because domain owners are watching the certificate logs for their domain. In addition, any details about certificate revocation are immediately visible to the network.
The third property lets us maintain the credibility of certificates. Certificates written on the Blockchain are immutable, and any tampering is immediately visible to the network. A CA's history and reputation can be tracked by traversing the Blockchain.
Let's now discuss some of the popular implementations of decentralized public key infrastructure. Existing implementations of public key infrastructure on blockchain fall into three categories:
Certcoin, the first implementation of decentralized public key infrastructure, was built on Namecoin (itself a fork of Bitcoin). Certcoin uses two key pairs: online and offline. Online keys are used for all communication between entities on the internet, while offline keys are kept safe. To update or revoke keys, the key owner must send the update or revocation request signed by both the online and the offline secret key. Every transaction in the system, such as registering a certificate for a public key or revoking and updating keys, is validated mathematically by a distributed group of miners. This implementation provides identity retention: to forge an entity, an adversary must obtain both the online and the offline key and also evade 50% of the miner nodes, which is far from trivial. In this way, no centralized certificate authority controls registration; instead, a distributed group of miners issues certificates for the requesting entities. Moreover, it is hard for an adversary to compromise offline keys that are managed by the certificate owner himself. In addition, a single misbehaving miner will not corrupt the whole network, because certificates are issued by the consensus of the whole network.
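The following Go example (added here, not Certcoin's own code) illustrates the dual-key rule described above: an update or revocation request is accepted only if it carries valid signatures from both the online and the offline key registered for the domain, so compromising the online key alone gains an adversary nothing. The message format, the field names, the use of Ed25519 and the sample domain are assumptions made for the illustration; Certcoin's actual encoding is not described on this page.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Identity is a registered entity in the Certcoin model: the online key is used day
// to day, the offline key is kept in cold storage and only needed to change or revoke it.
type Identity struct {
	Domain  string
	Online  ed25519.PublicKey
	Offline ed25519.PublicKey
}

// Request is an update or revocation message carrying both required signatures.
type Request struct {
	Op, Domain            string // e.g. "revoke" or "update"
	OnlineSig, OfflineSig []byte
}

// payload is the byte string both keys sign; op and domain are bound in so a
// signature over one request cannot be replayed as a different one (assumed format).
func (r Request) payload() []byte { return []byte(r.Op + "|" + r.Domain) }

// Sign builds a request signed with both secret keys, as the legitimate owner would.
func Sign(op, domain string, online, offline ed25519.PrivateKey) Request {
	r := Request{Op: op, Domain: domain}
	r.OnlineSig = ed25519.Sign(online, r.payload())
	r.OfflineSig = ed25519.Sign(offline, r.payload())
	return r
}

// Valid is the check every miner runs before accepting the transaction: both
// registered keys must have signed, so a stolen online key alone is not enough.
func Valid(id Identity, r Request) bool {
	return r.Domain == id.Domain &&
		ed25519.Verify(id.Online, r.payload(), r.OnlineSig) &&
		ed25519.Verify(id.Offline, r.payload(), r.OfflineSig)
}

func main() {
	onPub, onPriv, _ := ed25519.GenerateKey(rand.Reader)
	offPub, offPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, other, _ := ed25519.GenerateKey(rand.Reader) // a key that is not the registered offline key
	id := Identity{Domain: "example.com", Online: onPub, Offline: offPub} // constructed identity
	fmt.Println(Valid(id, Sign("revoke", "example.com", onPriv, offPriv))) // true: owner holds both keys
	fmt.Println(Valid(id, Sign("revoke", "example.com", onPriv, other)))   // false: online key alone is not enough
}
```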
Ethereum provides the flexibility to build distributed applications on top of the consensus protocols of the Ethereum network; distributed miner nodes execute the smart contract logic that achieves this. SCPI uses the web of trust model with Ethereum smart contracts to handle registration and verification of certificates. SCPI uses a binding proof to prove that a private key is bound to a given entity. Smart contract functions handle registration requests for a certificate; after a certificate is registered, entities can sign it using a distributed web of trust model. The SCPI implementation also combines on-chain and off-chain data storage to save storage cost on the Blockchain, as every transaction in Ethereum carries a gas cost. Using Ethereum smart contracts for certificate issuance transfers control over issuance to the blockchain rather than to any central authority. In SCPI, entities manage their own keys off-chain, so no group of central authorities directly controls the keys.
There are various implementations of decentralized public key infrastructure that use a permissioned private Blockchain to maintain a distributed, trustworthy peer-to-peer network of certificate authorities. CertLedger proposes one such implementation. CertLedger particularly focuses on mitigating the split-world attacks associated with public key infrastructure using Blockchain. In a split-world attack, the adversary maintains a fraudulent view of a certificate and converges user traffic on that certificate by presenting it as valid. CertLedger uses the permissioned Blockchain Ontology to handle split-world attacks in public key infrastructure. Moreover, CertLedger maintains a transparent log of certificates on the Blockchain that is monitored by everyone and provides added security for certificate revocation. In addition, a private consortium of certificate authorities is introduced in CertCoin. The certificate authorities in the private consortium are monitored by validator nodes, so if any single CA in the consortium misbehaves or shows abnormal activity in the network, it is immediately revoked by the validator nodes and detected by the other CAs of the consortium.
To conclude, Blockchain-based decentralized public key infrastructure can be used to gain more control over your identity on the internet and to mitigate attacks associated with certificate authorities. However, one of the major issues with Blockchain-based decentralized public key infrastructure is retrieving data from the Blockchain to validate certificates in real time: for retrieval, every entity must store an instance of the Blockchain for certificate verification. In current implementations, Merkle trees and other data structures are used for fast retrieval. Still, current Blockchain-based implementations of public key infrastructure are at the research stage and lack the breadth needed to replace the centralized certificate authorities that have been the standard for decades. Want to dive deeper into the world of Blockchain?
Xord can help you build a Blockchain project and give you a free Blockchain consultation; connect with us and get started now! Link: https://xord.solutions/contact/
DigiNotar incident (https://www.theguardian.com/technology/2011/sep/05/diginotar-certificate-hack-cyberwar)
Namecoin (https://www.namecoin.org/)
The web of trust (https://www.techopedia.com/definition/13495/web-of-trust-wot)
CertLedger (https://certledger.io/)
Ontology (ont.io)