TY - GEN
T1 - Mirroring Public Key Infrastructures to Blockchains for On-Chain Authentication
AU - Gallersdörfer, Ulrich
AU - Groschupp, Friederike
AU - Matthes, Florian
N1 - Publisher Copyright:
© 2021, International Financial Cryptography Association.
PY - 2021
Y1 - 2021
N2 - In blockchain systems, the lack of established identity management processes pose a problem for applications requiring smart contract owners to be authenticated. One issue that previously proposed solutions face is the accumulation of a critical mass of trusted data that makes the system usable. In this work, we propose an identity assertion and verification framework for Ethereum that overcomes this bootstrapping problem. It achieves this by leveraging TLS certificates, which are part of the established infrastructure that is commonly used for authenticating internet connections. We design and implement an TLS certificate-based authentication framework whose key features are the smart contract-based validation and storage of certificates and address-identity bindings. Looking at the current TLS ecosystem, we find that a large share of all domain certificates is issued by a small number of intermediate and root certificates. Therefore, we decide to store and maintain certificates in one smart contract to minimize processing costs. The evaluation of our prototype implementation shows that the associated cost of our system is within a feasible operating range, with the costs of submitting a new certificate currently averaging around $1.81 and the cost of creating an address-identity binding averaging around $1.32. Our system is a pragmatic and, most importantly, quickly bootstrapped method for an identity assertion and verification framework for Ethereum.
AB - In blockchain systems, the lack of established identity management processes pose a problem for applications requiring smart contract owners to be authenticated. One issue that previously proposed solutions face is the accumulation of a critical mass of trusted data that makes the system usable. In this work, we propose an identity assertion and verification framework for Ethereum that overcomes this bootstrapping problem. It achieves this by leveraging TLS certificates, which are part of the established infrastructure that is commonly used for authenticating internet connections. We design and implement an TLS certificate-based authentication framework whose key features are the smart contract-based validation and storage of certificates and address-identity bindings. Looking at the current TLS ecosystem, we find that a large share of all domain certificates is issued by a small number of intermediate and root certificates. Therefore, we decide to store and maintain certificates in one smart contract to minimize processing costs. The evaluation of our prototype implementation shows that the associated cost of our system is within a feasible operating range, with the costs of submitting a new certificate currently averaging around $1.81 and the cost of creating an address-identity binding averaging around $1.32. Our system is a pragmatic and, most importantly, quickly bootstrapped method for an identity assertion and verification framework for Ethereum.
KW - Authentication
KW - Blockchain
KW - Certificates
KW - Ethereum
KW - Smart contracts
UR - http://www.scopus.com/inward/record.url?scp=85115873085&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-63958-0_33
DO - 10.1007/978-3-662-63958-0_33
M3 - Conference contribution
AN - SCOPUS:85115873085
SN - 9783662639573
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 415
EP - 430
BT - Financial Cryptography and Data Security. FC 2021 International Workshops - CoDecFin, DeFi, VOTING, and WTSC, Revised Selected Papers
A2 - Bernhard, Matthew
A2 - Bracciali, Andrea
A2 - Gudgeon, Lewis
A2 - Haines, Thomas
A2 - Klages-Mundt, Ariah
A2 - Matsuo, Shin'ichiro
A2 - Perez, Daniel
A2 - Sala, Massimiliano
A2 - Werner, Sam
PB - Springer Science and Business Media Deutschland GmbH
T2 - 2nd Workshop on Coordination of Decentralized Finance, CoDecFin 2021, 1st Workshop on Decentralized Finance, DeFi 2021, 6th Workshop on Advances in Secure Electronic Voting, VOTING 2021, and 5th Workshop on Trusted Smart Contracts, WTSC 2021, held in conjunction with the 25th International Conference on Financial Cryptography and Data Security, FC 2021
Y2 - 5 March 2021 through 5 March 2021
ER -