Implementing a Smart Contract PKI
Public key infrastructures (PKIs) provide the foundations for securing Internet communications. Currently, PKIs are operated by centralized authorities, which have been involved in numerous security incidents. Blockchain or smart contract PKIs employ their distributed, fault-tolerant log of transact...
Gespeichert in:
Veröffentlicht in: | IEEE transactions on engineering management 2020-11, Vol.67 (4), p.1425-1443 |
---|---|
Hauptverfasser: | , , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | Public key infrastructures (PKIs) provide the foundations for securing Internet communications. Currently, PKIs are operated by centralized authorities, which have been involved in numerous security incidents. Blockchain or smart contract PKIs employ their distributed, fault-tolerant log of transactions to store either all identity records, or, constant-sized data to verify identity records stored off-chain. However, as most of these systems have never been implemented, there is little information regarding their practical implications. In this article, we implement, evaluate, and provide a complete security proof for the smart contract-based PKI of (Patsonakis et al. ) on Ethereum. This construction incurs constant-sized storage at the expense of computational complexity. To explore this tradeoff, we propose and implement a second construction which, eliminates the need for trusted setup, preserves its security properties and show that it is the only version with constant-sized state that can be deployed on Ethereum's live chain. We compare these constructions with the simple approach of storing all identity records on the smart contract's state, to illustrate several shortcomings of Ethereum and its cost model. We propose several modifications for fine tuning the model, which should be considered for any smart contract platform like Ethereum so that it may support arbitrary distributed applications. |
---|---|
ISSN: | 0018-9391 1558-0040 |
DOI: | 10.1109/TEM.2020.2972638 |