Digital certificates play a significant role in current communication systems. However, given the limitations of existing Certificate Management Frameworks (CMFs), such as single point of failure, the profound nature of existing certificates, and malicious Certificate Authorities (CAs), a novel framework is required to optimize certificate management. Even though blockchain is a popular approach in designing CMFs, such frameworks have also failed to address all these limitations. There are no existing frameworks that distribute the functionality of the centralized CA to address these issues. Therefore, this paper proposes a blockchain-based, lightweight CMF that distributes the centralized certificate generation process among multiple parties. Certificate generation, validation, and revocation can be performed with our framework. We design the required secure communication protocols to deploy our framework in any blockchain. The proposed framework is implemented on top of a Hyperledger Fabric environment, and a set of experiments is performed to evaluate the performance of the framework. Also, a formal security analysis of the proposed communication protocols is provided using known security verification methods such as BAN logic and the Scyther tool.
Wijethilaka, S, Yadav, AK, Braeken, A & Liyanage, M 2023, A Novel Blockchain-based Decentralized Multi-party Certificate Management Framework. in J Hu, G Min & G Wang (eds), 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom/BigDataSE/CSE/EUC/iSCI 2023. International Conference on Trust, Security and Privacy in Computing and Communications, Institute of Electrical and Electronics Engineers Inc., pp. 1361-1368, 22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2023, Exeter, United Kingdom, 1/11/23. https://doi.org/10.1109/TrustCom60117.2023.00186
Wijethilaka, S., Yadav, A. K., Braeken, A., & Liyanage, M. (2023). A Novel Blockchain-based Decentralized Multi-party Certificate Management Framework. In J. Hu, G. Min, & G. Wang (Eds.), 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom/BigDataSE/CSE/EUC/iSCI 2023 (pp. 1361-1368). (International Conference on Trust, Security and Privacy in Computing and Communications). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/TrustCom60117.2023.00186
@inproceedings{10037e385c8745008524f5b2fab6cc47,
title = "A Novel Blockchain-based Decentralized Multi-party Certificate Management Framework",
abstract = "Digital certificates play a significant role in current communication systems. However, given the limitations of existing Certificate Management Frameworks (CMFs), such as single point of failure, the profound nature of existing certificates, and malicious Certificate Authorities (CAs), a novel framework is required to optimize certificate management. Even though blockchain is a popular approach in designing CMFs, such frameworks have also failed to address all these limitations. There are no existing frameworks that distribute the functionality of the centralized CA to address these issues. Therefore, this paper proposes a blockchain-based, lightweight CMF that distributes the centralized certificate generation process among multiple parties. Certificate generation, validation, and revocation can be performed with our framework. We design the required secure communication protocols to deploy our framework in any blockchain. The proposed framework is implemented on top of a Hyperledger Fabric environment, and a set of experiments is performed to evaluate the performance of the framework. Also, a formal security analysis of the proposed communication protocols is provided using known security verification methods such as BAN logic and the Scyther tool.",
keywords = "Blockchain, Certificates, Public Key Infrastructure, Security",
author = "Shalitha Wijethilaka and Yadav, {Awaneesh Kumar} and An Braeken and Madhusanka Liyanage",
note = "Funding Information: This work has been partly supported by European Union under CONFIDENTIAL-6G (Grant No: 101096435), and Science Foundation Ireland under CONNECT phase 2 (Grant no. 13/RC/2077 P2) projects. Publisher Copyright: {\textcopyright} 2023 IEEE.; 22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2023 ; Conference date: 01-11-2023 Through 03-11-2023",
year = "2023",
doi = "10.1109/TrustCom60117.2023.00186",
language = "English",
isbn = "9798350382006",
series = "International Conference on Trust, Security and Privacy in Computing and Communications",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "1361--1368",
editor = "Jia Hu and Geyong Min and Guojun Wang",
booktitle = "2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom/BigDataSE/CSE/EUC/iSCI 2023",
address = "United States",
}