BlockPKI: An Automated, Resilient, and Transparent Public-Key Infrastructure

TL;DR

BlockPKI introduces a blockchain-based public-key infrastructure that automates certificate issuance, enhances resilience and transparency, reduces reliance on central authorities, and increases accountability without adding new trusted third parties.

Contribution

It presents a novel blockchain-based system for public-key infrastructure that improves transparency, resilience, and accountability in digital certificate management.

Findings

Prototype implementation demonstrates practicality.

Evaluation shows increased transparency and resilience.

Reduces power of certification authorities.

Abstract

This paper describes BlockPKI, a blockchain-based public-key infrastructure that enables an automated, resilient, and transparent issuance of digital certificates. Our goal is to address several shortcomings of the current TLS infrastructure and its proposed extensions. In particular, we aim at reducing the power of individual certification authorities and make their actions publicly visible and accountable, without introducing yet another trusted third party. To demonstrate the benefits and practicality of our system, we present evaluation results and describe our prototype implementation.