Paper 2016/1018

IKP: Turning a PKI Around with Blockchains

Stephanos Matsumoto and Raphael M. Reischuk

Abstract

Man-in-the-middle attacks in TLS due to compromised CAs have been mitigated by log-based PKI enhancements such as Certificate Transparency. However, these log-based schemes do not offer sufficient incentives to logs and monitors, and do not offer any actions that domains can take in response to CA misbehavior. We propose IKP, a blockchain-based PKI enhancement that offers automatic responses to CA misbehavior and incentives for those who help detect misbehavior. IKP’s decentralized nature and smart contract system allows open participation, offers incentives for vigilance over CAs, and enables financial recourse against misbehavior. We demonstrate through a game theoretic model and through an Ethereum prototype implementation that the incentives and increased deterrence offered by IKP are technically and economically viable.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MINOR revision.
Keywords
public-key infrastructuresblockchainsmart contractsincentives
Contact author(s)
steve @ stevematsumoto net
History
2016-10-27: received
Short URL
https://ia.cr/2016/1018
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2016/1018,
      author = {Stephanos Matsumoto and Raphael M.  Reischuk},
      title = {{IKP}: Turning a {PKI} Around with Blockchains},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/1018},
      year = {2016},
      url = {https://eprint.iacr.org/2016/1018}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.