BlockPGP:基于区块链的PGP密钥服务器框架

2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW) Pub Date : 2018-11-01 DOI:10.1109/CANDARW.2018.00065

A. Yakubov, Wazen M. Shbair, R. State

{"title":"BlockPGP:基于区块链的PGP密钥服务器框架","authors":"A. Yakubov, Wazen M. Shbair, R. State","doi":"10.1109/CANDARW.2018.00065","DOIUrl":null,"url":null,"abstract":"Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards offering end-to-end encryption for email messages and other sensitive information. PGP allows to verify the identity of the correspondent in information exchange as well as the information integrity. PGP implements asymmetric encryption with certificates shared through a network of PGP key servers. Many recent breaches show that certificate infrastructure can be compromised as well as exposed to operational errors. In this paper we propose a new PGP management framework with the key server infrastructure implemented using blockchain technology. Our framework resolves some problems of PGP key servers focusing in particular on fast propagation of certificate revocation among key servers and elimination of man-in-the-middle risk. We also provided user access right control where only the certificate holder can change information related to the certificate. We designed and developed a prototype for key server deployment on permissioned Ethereum blockchain. Permissioned blockchain should allow to control the costs of PGP key server infrastructure maintenance at the present level.","PeriodicalId":329439,"journal":{"name":"2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)","volume":"72 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"21","resultStr":"{\"title\":\"BlockPGP: A Blockchain-Based Framework for PGP Key Servers\",\"authors\":\"A. Yakubov, Wazen M. Shbair, R. State\",\"doi\":\"10.1109/CANDARW.2018.00065\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards offering end-to-end encryption for email messages and other sensitive information. PGP allows to verify the identity of the correspondent in information exchange as well as the information integrity. PGP implements asymmetric encryption with certificates shared through a network of PGP key servers. Many recent breaches show that certificate infrastructure can be compromised as well as exposed to operational errors. In this paper we propose a new PGP management framework with the key server infrastructure implemented using blockchain technology. Our framework resolves some problems of PGP key servers focusing in particular on fast propagation of certificate revocation among key servers and elimination of man-in-the-middle risk. We also provided user access right control where only the certificate holder can change information related to the certificate. We designed and developed a prototype for key server deployment on permissioned Ethereum blockchain. Permissioned blockchain should allow to control the costs of PGP key server infrastructure maintenance at the present level.\",\"PeriodicalId\":329439,\"journal\":{\"name\":\"2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)\",\"volume\":\"72 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"21\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CANDARW.2018.00065\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CANDARW.2018.00065","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 21

摘要

相当好的隐私(PGP)是最著名的加密标准之一，为电子邮件消息和其他敏感信息提供端到端加密。PGP允许在信息交换中验证通信方的身份以及信息的完整性。PGP使用通过PGP密钥服务器网络共享的证书实现非对称加密。最近的许多泄露事件表明，证书基础设施可能受到损害，并暴露于操作错误。本文提出了一种新的PGP管理框架，其关键服务器基础设施采用区块链技术实现。该框架解决了PGP密钥服务器存在的一些问题，重点解决了证书撤销在密钥服务器间的快速传播和中间人风险的消除。我们还提供了用户访问权限控制，其中只有证书持有者可以更改与证书相关的信息。我们设计并开发了一个原型，用于在允许的以太坊区块链上部署密钥服务器。被许可的区块链应该允许将PGP密钥服务器基础设施维护的成本控制在当前的水平。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

BlockPGP: A Blockchain-Based Framework for PGP Key Servers

Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards offering end-to-end encryption for email messages and other sensitive information. PGP allows to verify the identity of the correspondent in information exchange as well as the information integrity. PGP implements asymmetric encryption with certificates shared through a network of PGP key servers. Many recent breaches show that certificate infrastructure can be compromised as well as exposed to operational errors. In this paper we propose a new PGP management framework with the key server infrastructure implemented using blockchain technology. Our framework resolves some problems of PGP key servers focusing in particular on fast propagation of certificate revocation among key servers and elimination of man-in-the-middle risk. We also provided user access right control where only the certificate holder can change information related to the certificate. We designed and developed a prototype for key server deployment on permissioned Ethereum blockchain. Permissioned blockchain should allow to control the costs of PGP key server infrastructure maintenance at the present level.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)

自引率

0.00%

发文量