A public-key infrastructure (PKI) lets machine identities use asymmetric key pairs to sign, encrypt, and later verify information. A certificate authority (CA) acts as the trusted intermediary in these exchanges: it vouches for the binding between a public key and the identity named in the certificate, so that a recipient of data can verify who signed it or whom it is encrypted for.
Although the CAs that issue keys and certificates for machine identities are designated as trusted third parties, security researchers argue that they are in fact “corruptible central points of failure”, capable of compromising the integrity and security of the entire Internet. Because control of the communication identifiers rests with the CAs, the usability of those identifiers can be compromised as well. These problems of corruptibility and usability cause further ones: higher corporate spending to fight security breaches caused by misbehaving CAs, the lack of web-wide HTTPS support, and the absence of truly secure and user-friendly communication.
PKIs have further shortcomings, such as an insufficient identity verification process and the time and effort required to respond to CA misbehavior. Revocation is a particular weak spot. A certificate revocation list (CRL) check may run against an outdated list because of an inadequate update cycle, so a certificate revoked after that list was published still passes. CRL/OCSP checking may also be disabled, or fail open when the responder is unreachable, in which case revoked certificates are never detected at all. And the CRL distribution point (CDP) is itself a single point of failure: if it is down, clients must either block or skip the check.
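To make the revocation failure modes above concrete, here is an added example (not from the original article) that builds a throwaway CA and leaf certificate with the openssl command-line tool and then checks the leaf three ways: with revocation checking disabled, against a CRL published before the revocation (the outdated list), and against the current CRL. Everything is generated locally; the CA name, host name and CRL lifetime are made up for the illustration.

```shell
#!/bin/sh
# Added example: local CA + leaf + two CRLs, showing how a revoked certificate
# still passes when the CRL check is off or the CRL is stale.  Constructed
# names; nothing here touches a real CA or the network.  Needs `openssl`.
set -eu
WORK=$(mktemp -d)
cd "$WORK"

# Minimal config so the script does not depend on the system openssl.cnf.
cat > ca.cnf <<'EOF'
[ req ]
distinguished_name = req_dn
x509_extensions    = v3_ca
[ req_dn ]
[ v3_ca ]
basicConstraints = critical, CA:TRUE
keyUsage         = critical, keyCertSign, cRLSign
[ ca ]
default_ca = CA_default
[ CA_default ]
dir              = .
database         = index.txt
new_certs_dir    = .
certificate      = ca.crt
private_key      = ca.key
crlnumber        = crlnumber
default_md       = sha256
default_crl_days = 30
EOF
touch index.txt
echo 1000 > crlnumber

# 1. Self-signed root CA (hypothetical name).
openssl req -config ca.cnf -x509 -newkey rsa:2048 -nodes -days 365 \
  -keyout ca.key -out ca.crt -subj "/CN=Example Test Root CA" 2>/dev/null
# 2. Leaf certificate issued by that CA (hypothetical host name).
openssl req -config ca.cnf -new -newkey rsa:2048 -nodes \
  -keyout leaf.key -out leaf.csr -subj "/CN=leaf.example.test" 2>/dev/null
openssl x509 -req -in leaf.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
  -days 365 -out leaf.crt 2>/dev/null
# 3. A CRL published BEFORE the revocation: this is the "outdated list".
openssl ca -config ca.cnf -gencrl -out stale.crl 2>/dev/null
# 4. Revoke the leaf and publish a fresh CRL.
openssl ca -config ca.cnf -revoke leaf.crt 2>/dev/null
openssl ca -config ca.cnf -gencrl -out fresh.crl 2>/dev/null
# `openssl verify -crl_check` takes CRLs from the -CAfile bundle.
cat ca.crt stale.crl > ca_stale.pem
cat ca.crt fresh.crl > ca_fresh.pem

# verify_leaf MODE -> prints "accepted" or "rejected".
#   none  : chain validation only (a client with revocation checking disabled)
#   stale : CRL check against the CRL issued before the revocation
#   fresh : CRL check against the current CRL
verify_leaf() {
  case "$1" in
    none)  cmd="openssl verify -CAfile ca.crt leaf.crt" ;;
    stale) cmd="openssl verify -crl_check -CAfile ca_stale.pem leaf.crt" ;;
    fresh) cmd="openssl verify -crl_check -CAfile ca_fresh.pem leaf.crt" ;;
    *)     echo "usage: verify_leaf none|stale|fresh" >&2; return 2 ;;
  esac
  if $cmd >/dev/null 2>&1; then echo accepted; else echo rejected; fi
}

echo "revocation check disabled: $(verify_leaf none)"    # accepted: revocation never consulted
echo "CRL check, outdated CRL:   $(verify_leaf stale)"   # accepted: revocation not yet listed
echo "CRL check, current CRL:    $(verify_leaf fresh)"   # rejected: certificate revoked
```

Only the last check rejects the certificate. The first two are exactly the situations the text describes: the check is skipped, or it runs against a list that predates the revocation.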
Finally, the security of online communications is undermined by the complexity of traditional key and certificate management, further complicated by the risk that a CA is coerced or compromised. Because of these dangers, users who do not adequately protect their machine identities cannot be certain that their communications are not being intercepted through a fraudulent certificate that enables a man-in-the-middle (MITM) attack.
One root of these problems may be the centralized nature of PKI, which prevents the entities represented by these identifiers from truly controlling them and so makes it possible for third parties to compromise their security.
The Internet Engineering Task Force (IETF), which standardizes the certificate and protocol formats the Web PKI is built on, has itself published a memo describing current issues with PKI, agreeing that the current implementation of the Web PKI has problems that should not be ignored. The design poses a high security risk because any one of the many CAs a client trusts can issue a certificate for any name, so a single point of failure can be used to open any encrypted online communication. Centralized PKI systems are struggling to keep up with the evolving digital landscape, and there is a need for a better-designed, decentralized approach to PKI.
The above problems raise the question: could these inadequacies be compensated for with blockchain technology? What do signatures, encryption, and entire PKIs have to do with the blockchain? The two basic functions of a blockchain are to authenticate and process transactions in a distributed network securely, and without a master node. That sounds quite similar to the purpose of a PKI, so it is worth investigating further.
Blockchain is a distributed database of transactions (a ledger) that maintains a growing list of records (blocks). Each block carries the hash of the previous block, so the blocks form a hash chain (within a block, the transactions are usually summarized in a Merkle hash tree; time-stamping services sometimes call the resulting structure a hash calendar). As a rule, the list is distributed and publicly visible, i.e. neither confidential nor centralized.
Blockchain has a combination of properties that make it suitable for a number of applications: it is decentralized (controlled through majority consensus of its members), and the transaction record is reliable (in a proof-of-work network, events recorded in the past cannot be altered without a majority of the network’s mining power). Proposed and existing applications include smart contracts, reputation systems and IoT device interactions. In theory, blockchain provides desirable security properties for a PKI: certificate transparency and revocation, elimination of central points of failure, and a reliable transaction record.
Building a decentralized PKI on a blockchain removes the points of failure created by CAs, which, if subverted, can compromise entire certificate chains. Furthermore, a blockchain-based PKI, as a public append-only log, provides the certificate transparency (CT) property that Google introduced to improve CA-based PKI security through public logging and monitoring of issued certificates.
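The following added example (not code from the original article or from any real blockchain or CT project) makes two of the points above concrete: the "each block linked to the previous one" structure from the blockchain description, and the idea that an append-only public log gives transparency and revocation. It is a single-node toy with no consensus and no network; the record fields, certificate fingerprints and host names are constructed for the illustration. It also shows what the hash chain does and does not protect against: an edit that leaves old hashes in place is caught by re-verification, while an edit that recomputes every later hash produces a self-consistent copy whose tip hash simply disagrees with everyone else's, which is why the honest tip must be pinned by consensus rather than by the chain alone.

```python
"""Toy hash-chained, append-only certificate log (added example, constructed data)."""
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64  # assumption: predecessor hash for the very first block


def block_hash(prev_hash, index, record):
    """Hash that links a block to its predecessor.

    prev_hash is part of the input, so changing any earlier record changes
    every hash after it.  sort_keys/separators give one canonical encoding;
    otherwise the same record could hash two different ways.
    """
    payload = json.dumps({"prev": prev_hash, "index": index, "record": record},
                         sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


class CertLog:
    """Append-only log of 'issue' / 'revoke' events, one event per block."""

    def __init__(self):
        self.blocks = []

    def append(self, record):
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS_PREV
        index = len(self.blocks)
        block = {"index": index, "prev": prev, "record": record,
                 "hash": block_hash(prev, index, record)}
        self.blocks.append(block)
        return block["hash"]

    def tip(self):
        """Hash of the newest block; what peers compare to agree on history."""
        return self.blocks[-1]["hash"] if self.blocks else GENESIS_PREV

    def verify(self):
        """Recompute every link from genesis. Returns (ok, first bad index or None)."""
        expected_prev = GENESIS_PREV
        for b in self.blocks:
            if (b["prev"] != expected_prev
                    or b["hash"] != block_hash(b["prev"], b["index"], b["record"])):
                return False, b["index"]
            expected_prev = b["hash"]
        return True, None

    def status(self, fingerprint):
        """Revocation is just a later log entry: the newest event for a cert wins."""
        state = "unknown"
        for b in self.blocks:
            r = b["record"]
            if r["fingerprint"] == fingerprint:
                state = "revoked" if r["event"] == "revoke" else "valid"
        return state


# Constructed sample fingerprints (not hashes of real certificates).
FP_A = hashlib.sha256(b"constructed cert A").hexdigest()
FP_B = hashlib.sha256(b"constructed cert B").hexdigest()


def build_sample_log():
    """Constructed history: two issuances, then A is revoked."""
    log = CertLog()
    log.append({"event": "issue", "subject": "a.example.test", "fingerprint": FP_A})
    log.append({"event": "issue", "subject": "b.example.test", "fingerprint": FP_B})
    log.append({"event": "revoke", "fingerprint": FP_A, "reason": "keyCompromise"})
    return log


def naive_tamper(log):
    """Edit an old record in place without touching the hashes: verify() catches it."""
    forged = copy.deepcopy(log)
    forged.blocks[0]["record"]["subject"] = "attacker.example.test"
    return forged.verify()


def rewrite_history(log, index, new_record):
    """Edit a record AND recompute every later hash, as a node that controls its
    own copy could.  The copy is internally consistent again; what gives it away
    is that its tip hash no longer matches the tip held by the other copies."""
    forged = copy.deepcopy(log)
    forged.blocks[index]["record"] = new_record
    prev = forged.blocks[index]["prev"]
    for b in forged.blocks[index:]:
        b["prev"] = prev
        b["hash"] = block_hash(prev, b["index"], b["record"])
        prev = b["hash"]
    return forged


if __name__ == "__main__":
    log = build_sample_log()
    print("chain ok:", log.verify())
    print("A:", log.status(FP_A), " B:", log.status(FP_B), " other:", log.status("00"))
    print("naive tamper detected:", naive_tamper(log))
    forged = rewrite_history(log, 0, {"event": "issue", "subject": "attacker.example.test",
                                      "fingerprint": FP_A})
    print("rewritten copy verifies:", forged.verify(),
          " same tip as honest copy:", forged.tip() == log.tip())
```

In a real deployment the `tip()` comparison is what consensus or gossip between nodes supplies; the hash chain by itself only guarantees that history cannot be changed quietly, not that a lone node's history is the agreed one.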
A key characteristic of a PKI is the certified identification of the people and organizations to whom a certificate for a key has been issued. At the moment, this is a service that blockchain cannot easily provide, although proposed workarounds exist, such as:
A big difference between a PKI and a typical blockchain lies in establishing the true identity of participants. A PKI asserts that a specific person or organization is registered as the owner of a specific technical account (key). In a blockchain, by contrast, the public key of an account is a pseudonym: no authority within the system has identified its true owner beyond doubt. Transactions therefore take place pseudonymously, even though trust in the processing of the transactions themselves is ensured by the system.
The approaches above focus on implementing a PKI within a blockchain or on functionally replicating PKI identity verification for participants. None of the currently known approaches completely eliminates the need for a master node of some type. If we take the identification of individuals out of the equation, a traditional blockchain can replicate the signature functionality of a PKI for validating transactions. It has the added benefit that, thanks to the consensus mechanism, no central CA is required, which considerably reduces the risk of an attack on that vector.