B. Kulynych, Marios Isaakidis, C. Troncoso, G. Danezis
{"title":"使用ClaimChains去中心化公钥基础设施","authors":"B. Kulynych, Marios Isaakidis, C. Troncoso, G. Danezis","doi":"10.1145/3267323.3268947","DOIUrl":null,"url":null,"abstract":"We present ClaimChains, a cryptographic construction useful for storing claims regarding users' key material and beliefs about the state of other users in a decentralized system. We use ClaimChains to build a decentralized public key infrastructure (PKI). ClaimChains maintain high integrity through the use of authenticated data structures, namely hash chains and Merkle trees, and ensure authenticity and non-repudiation through the use of digital signatures. We introduce the concept of cross-referencing of ClaimChains to efficiently and verifiably vouch for the state of other users in a decentralized system. ClaimChains use cryptographic protections to ensure the privacy of claims, i.e., to guarantee that they can only be read by the authorized users, and that ClaimChain owners can not equivocate about the state of other users. We discuss how ClaimChains support different degrees of PKI decentralization, to trade off key availability for privacy. We show that ClaimChains provide the sought security and privacy properties, and demonstrate that they have very reasonable computation and memory requirements using a prototype implementation. We evaluate the effectiveness of key propagation using a real email dataset in a fully decentralized setting, which offers the best privacy properties. Our results suggest that a high level of privacy comes at the cost of small coverage in terms of key distribution.","PeriodicalId":420133,"journal":{"name":"arXiv: Cryptography and Security","volume":"64 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Decentralizing Public Key Infrastructures with ClaimChains\",\"authors\":\"B. Kulynych, Marios Isaakidis, C. Troncoso, G. Danezis\",\"doi\":\"10.1145/3267323.3268947\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We present ClaimChains, a cryptographic construction useful for storing claims regarding users' key material and beliefs about the state of other users in a decentralized system. We use ClaimChains to build a decentralized public key infrastructure (PKI). ClaimChains maintain high integrity through the use of authenticated data structures, namely hash chains and Merkle trees, and ensure authenticity and non-repudiation through the use of digital signatures. We introduce the concept of cross-referencing of ClaimChains to efficiently and verifiably vouch for the state of other users in a decentralized system. ClaimChains use cryptographic protections to ensure the privacy of claims, i.e., to guarantee that they can only be read by the authorized users, and that ClaimChain owners can not equivocate about the state of other users. We discuss how ClaimChains support different degrees of PKI decentralization, to trade off key availability for privacy. We show that ClaimChains provide the sought security and privacy properties, and demonstrate that they have very reasonable computation and memory requirements using a prototype implementation. We evaluate the effectiveness of key propagation using a real email dataset in a fully decentralized setting, which offers the best privacy properties. Our results suggest that a high level of privacy comes at the cost of small coverage in terms of key distribution.\",\"PeriodicalId\":420133,\"journal\":{\"name\":\"arXiv: Cryptography and Security\",\"volume\":\"64 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-07-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv: Cryptography and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3267323.3268947\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv: Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3267323.3268947","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Decentralizing Public Key Infrastructures with ClaimChains
We present ClaimChains, a cryptographic construction useful for storing claims regarding users' key material and beliefs about the state of other users in a decentralized system. We use ClaimChains to build a decentralized public key infrastructure (PKI). ClaimChains maintain high integrity through the use of authenticated data structures, namely hash chains and Merkle trees, and ensure authenticity and non-repudiation through the use of digital signatures. We introduce the concept of cross-referencing of ClaimChains to efficiently and verifiably vouch for the state of other users in a decentralized system. ClaimChains use cryptographic protections to ensure the privacy of claims, i.e., to guarantee that they can only be read by the authorized users, and that ClaimChain owners can not equivocate about the state of other users. We discuss how ClaimChains support different degrees of PKI decentralization, to trade off key availability for privacy. We show that ClaimChains provide the sought security and privacy properties, and demonstrate that they have very reasonable computation and memory requirements using a prototype implementation. We evaluate the effectiveness of key propagation using a real email dataset in a fully decentralized setting, which offers the best privacy properties. Our results suggest that a high level of privacy comes at the cost of small coverage in terms of key distribution.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
