3 Ways Blockchain Can Improve PKI
When it comes to technology buzzwords there are few bigger than blockchain. Speak with any overexcited technologist and you will get an hour lecture about how it is the future of secure transactions. The benefits of blockchain technology are that it is public, distributed, and tamper-resistant. Indeed blockchain technology is already being investigated for financial transactions such as wire transfers, micropayments and stock purchases. As a company focused on secure authentication, TELEGRID has identified 3 ways blockchain can improve PKI, as described in this white paper. This post provides highlights of key concepts involved.
#1 Storage of Server Certificates
The first of 3 ways blockchain can improve PKI is by storing server certificates in the blockchain to prevent man-in-the-middle attacks. Right now every PKI subject matter expert should be jumping up and down and yelling, “That is impossible because a Certificate Authority (CA) did not sign the certificate!” You are right but what if the CA was hacked. Sounds crazy right? Well, in 2011 the Dutch CA DigiNotar was hacked and, as was reported, the hacker issued themselves a *.google.com certificate.
#2 Distributed Revocation Checking
The second of 3 ways blockchain can improve PKI is with revocation checking. Revocation checking can be quicker and more secure if it is distributed globally in a blockchain and close to the client or server that is performing the revocation checking. Additionally, distributed revocation checking would resolve many of the privacy concerns related to PKI.
#3 Certificate Path Validation
The third of 3 ways blockchain can improve PKI is with certificate path validation and certificate trust stores. Imagine opening a newly installed web browser, and instead of having a set of CAs pre-installed by a single corporation, a user could choose to use a publicly validated set of blockchain-enabled distributed CAs.
Too often new technologies can only be implemented via “rip and replace”. Blockchain technology, on the other hand, is complimentary to PKI. It has the capability to improve the efficiency and security of PKI without altering certificates or how they are validated. The reason is that blockchain’s public, distributed, and tamper-resistant nature is perfectly aligned with those of PKI and public key cryptography. This is what makes blockchain technology so exciting for PKI applications. Wow, I sound like just another overexcited technologist.
To learn more download the white paper.
Eric Sharret is Vice President of Business Development at TELEGRID. TELEGRID has unique expertise in secure embedded systems, secure authentication, PKI, and Multi-Factor Authentication (MFA).
Disclaimer: The opinions expressed here do not represent those of TELEGRID Technologies, Inc. TELEGRID Technologies, Inc. will not be liable for any errors, omissions, or delays in this information or any losses, injuries, or damages arising from its display or use. All information is provided on an as-is basis.