Visible to the public RDI: Real Digital Identity Based on Decentralized PKI

TitleRDI: Real Digital Identity Based on Decentralized PKI
Publication TypeConference Paper
Year of Publication2018
AuthorsBoontaetae, Pongpayak, Sangpetch, Akkarit, Sangpetch, Orathai
Conference Name2018 22nd International Computer Science and Engineering Conference (ICSEC)
Date Publishednov
Keywordsauthorisation, automobiles, blockchain, brute-force attack, decentralized PKI, decentralized PKI scheme, Digital identity, Human Behavior, Internet banking applications, message authentication, Metrics, Online banking, online transactions, PKI Trust Models, point of trust attack, pubcrawl, Public key, public key approach, public key binding, public key cryptography, RDI, Real Digital Identity based approach, Registers, Resiliency, Scalability, smart contract, smart contracts, trusted source certificate authorities, username-password approach
AbstractEstablishing a digital identity plays a vital part in the digital era. It is crucial to authenticate and identify the users in order to perform online transactions securely. For example, internet banking applications normally require a user to present a digital identity, e.g., username and password, to allow users to perform online transactions. However, the username-password approach has several downsides, e.g., susceptible to the brute-force attack. Public key binding using Certificate Authority (CA) is another common alternative to provide digital identity. Yet, the public key approach has a serious drawback: all CAs in the browser/OS' CA list are treated equally, and consequently, all trusts on the certificates could be invalidated by compromising only a single root CA's private key. We propose a Real Digital Identity based approach, or RDI, on decentralized PKI scheme. The core idea relies on a combination of well-known parties (e.g., a bank, a government agency) to certify the identity, instead of relying on a single CA. These parties, collectively known as Trusted Source Certificate Authorities (TSCA), formed a network of CAs. The generated certificates are stored in the blockchain controlled by smart contract. RDI creates a digital identity that can be trusted based on the TSCAs' challenge/response and it is also robust against a single point of trust attack on traditional CAs.
Citation Keyboontaetae_rdi:_2018