On the security of the Blockchain Bix Protocol and Certificates
Riccardo Longo, Federico Pintore, Giancarlo Rinaldo, Massimiliano Sala
TL;DR
This paper provides a formal security analysis of the BIX blockchain protocol for certificates, identifying potential vulnerabilities and proving the security of certain aspects while demonstrating possible attack vectors.
Contribution
It offers a formal security framework for BIX, including attack scenarios and proofs of security under specific assumptions, advancing understanding of blockchain-based certificate protocols.
Findings
Some attacks are infeasible under established assumptions
Certain attack vectors remain possible despite security proofs
The formal analysis clarifies security boundaries of BIX protocol
Abstract
The BIX protocol is a blockchain-based protocol that allows distribution of certificates linking a subject with his public key, hence providing a service similar to that of a PKI but without the need of a CA. In this paper we analyze the security of the BIX protocol in a formal way, in four steps. First, we identify formal security assumptions which are well-suited to this protocol. Second, we present some attack scenarios against the BIX protocol. Third, we provide a formal security proof that some of these attacks are not feasible under our previously established assumptions. Finally, we show how another attack may be carried on.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsCryptography and Data Security · Advanced Authentication Protocols Security · Cryptographic Implementations and Security