AuthLedger: A novel blockchain-based domain name authentication scheme

Zhi Guan; Abba Garba; Anran Li; Zhong Chen; Nesrine Kaaniche

doi:10.5220/0007366803450352

AuthLedger: A novel blockchain-based domain name authentication scheme

Zhi Guan, Abba Garba, Anran Li, Zhong Chen, Nesrine Kaaniche

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Nowadays public key infrastructure authentication mainly rely on certificate authorities and have to be trusted by both domain operators and domain owners. Domain Name System Security Extensions (DNSSEC) using DNS-based Authentication Name Entities (DANE) DNS records types, offer additional security for authenticating data and integrity to domain name system (DNS). This method allow client via signed statements to specify which CAs are authorized to represent certificate of a domain. Another method is Certificate Authority Authorizations (CAA) developed by Internet Engineering Task Force (IETF) to provide security guarantee against rogue certificate authorities that offer fake certificate for the domain. However, all of these approaches are prone to single point of failure due to their trust attached to infrastructure like Internet Corporation for Assigned Names and Numbers (ICANN). In order to weaken the level of trust to the CAs over certificates, it is necessary to balance the distribution rights among the entities and improve the control of certificate issuance for the certificate owners. Recently with the emergence of Blockchain, a public and distributed ledger, several applications appeared taking advantage of this powerful technology. In this paper, we present an AuthLedger a domain authentication scheme based on blockchain technology. The proposed scheme is multi-fold. First, we proposed a domain authentication scheme to reduce the level of trust in CAs. second, we implement our system using Ethereum smart contract. Third, we evaluate security and performance of the proposed system.

Original language	English
Title of host publication	ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy
Editors	Paolo Mori, Steven Furnell, Olivier Camp
Publisher	SciTePress
Pages	345-352
Number of pages	8
ISBN (Electronic)	9789897583599
DOIs	https://doi.org/10.5220/0007366803450352
Publication status	Published - 1 Jan 2019
Externally published	Yes
Event	5th International Conference on Information Systems Security and Privacy, ICISSP 2019 - Prague, Czech Republic Duration: 23 Feb 2019 → 25 Feb 2019

Publication series

Name	ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy

Conference

Conference	5th International Conference on Information Systems Security and Privacy, ICISSP 2019
Country/Territory	Czech Republic
City	Prague
Period	23/02/19 → 25/02/19

Keywords

Authentication
Blockchain
Cryptography
PKI

Access to Document

10.5220/0007366803450352

Cite this

Guan, Z., Garba, A., Li, A., Chen, Z., & Kaaniche, N. (2019). AuthLedger: A novel blockchain-based domain name authentication scheme. In P. Mori, S. Furnell, & O. Camp (Eds.), ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy (pp. 345-352). (ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy). SciTePress. https://doi.org/10.5220/0007366803450352

Guan, Zhi ; Garba, Abba ; Li, Anran et al. / AuthLedger : A novel blockchain-based domain name authentication scheme. ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy. editor / Paolo Mori ; Steven Furnell ; Olivier Camp. SciTePress, 2019. pp. 345-352 (ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy).

@inproceedings{49261f4d9e634cbda9c3422e12d35062,

title = "AuthLedger: A novel blockchain-based domain name authentication scheme",

abstract = "Nowadays public key infrastructure authentication mainly rely on certificate authorities and have to be trusted by both domain operators and domain owners. Domain Name System Security Extensions (DNSSEC) using DNS-based Authentication Name Entities (DANE) DNS records types, offer additional security for authenticating data and integrity to domain name system (DNS). This method allow client via signed statements to specify which CAs are authorized to represent certificate of a domain. Another method is Certificate Authority Authorizations (CAA) developed by Internet Engineering Task Force (IETF) to provide security guarantee against rogue certificate authorities that offer fake certificate for the domain. However, all of these approaches are prone to single point of failure due to their trust attached to infrastructure like Internet Corporation for Assigned Names and Numbers (ICANN). In order to weaken the level of trust to the CAs over certificates, it is necessary to balance the distribution rights among the entities and improve the control of certificate issuance for the certificate owners. Recently with the emergence of Blockchain, a public and distributed ledger, several applications appeared taking advantage of this powerful technology. In this paper, we present an AuthLedger a domain authentication scheme based on blockchain technology. The proposed scheme is multi-fold. First, we proposed a domain authentication scheme to reduce the level of trust in CAs. second, we implement our system using Ethereum smart contract. Third, we evaluate security and performance of the proposed system.",

keywords = "Authentication, Blockchain, Cryptography, PKI",

author = "Zhi Guan and Abba Garba and Anran Li and Zhong Chen and Nesrine Kaaniche",

note = "Publisher Copyright: {\textcopyright} 2019 by SCITEPRESS - Science and Technology Publications, Lda.; 5th International Conference on Information Systems Security and Privacy, ICISSP 2019 ; Conference date: 23-02-2019 Through 25-02-2019",

year = "2019",

month = jan,

day = "1",

doi = "10.5220/0007366803450352",

language = "English",

series = "ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy",

publisher = "SciTePress",

pages = "345--352",

editor = "Paolo Mori and Steven Furnell and Olivier Camp",

booktitle = "ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy",

}

Guan, Z, Garba, A, Li, A, Chen, Z & Kaaniche, N 2019, AuthLedger: A novel blockchain-based domain name authentication scheme. in P Mori, S Furnell & O Camp (eds), ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy. ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy, SciTePress, pp. 345-352, 5th International Conference on Information Systems Security and Privacy, ICISSP 2019, Prague, Czech Republic, 23/02/19. https://doi.org/10.5220/0007366803450352

AuthLedger: A novel blockchain-based domain name authentication scheme. / Guan, Zhi; Garba, Abba; Li, Anran et al.
ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy. ed. / Paolo Mori; Steven Furnell; Olivier Camp. SciTePress, 2019. p. 345-352 (ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - AuthLedger

T2 - 5th International Conference on Information Systems Security and Privacy, ICISSP 2019

AU - Guan, Zhi

AU - Garba, Abba

AU - Li, Anran

AU - Chen, Zhong

AU - Kaaniche, Nesrine

PY - 2019/1/1

Y1 - 2019/1/1

N2 - Nowadays public key infrastructure authentication mainly rely on certificate authorities and have to be trusted by both domain operators and domain owners. Domain Name System Security Extensions (DNSSEC) using DNS-based Authentication Name Entities (DANE) DNS records types, offer additional security for authenticating data and integrity to domain name system (DNS). This method allow client via signed statements to specify which CAs are authorized to represent certificate of a domain. Another method is Certificate Authority Authorizations (CAA) developed by Internet Engineering Task Force (IETF) to provide security guarantee against rogue certificate authorities that offer fake certificate for the domain. However, all of these approaches are prone to single point of failure due to their trust attached to infrastructure like Internet Corporation for Assigned Names and Numbers (ICANN). In order to weaken the level of trust to the CAs over certificates, it is necessary to balance the distribution rights among the entities and improve the control of certificate issuance for the certificate owners. Recently with the emergence of Blockchain, a public and distributed ledger, several applications appeared taking advantage of this powerful technology. In this paper, we present an AuthLedger a domain authentication scheme based on blockchain technology. The proposed scheme is multi-fold. First, we proposed a domain authentication scheme to reduce the level of trust in CAs. second, we implement our system using Ethereum smart contract. Third, we evaluate security and performance of the proposed system.

AB - Nowadays public key infrastructure authentication mainly rely on certificate authorities and have to be trusted by both domain operators and domain owners. Domain Name System Security Extensions (DNSSEC) using DNS-based Authentication Name Entities (DANE) DNS records types, offer additional security for authenticating data and integrity to domain name system (DNS). This method allow client via signed statements to specify which CAs are authorized to represent certificate of a domain. Another method is Certificate Authority Authorizations (CAA) developed by Internet Engineering Task Force (IETF) to provide security guarantee against rogue certificate authorities that offer fake certificate for the domain. However, all of these approaches are prone to single point of failure due to their trust attached to infrastructure like Internet Corporation for Assigned Names and Numbers (ICANN). In order to weaken the level of trust to the CAs over certificates, it is necessary to balance the distribution rights among the entities and improve the control of certificate issuance for the certificate owners. Recently with the emergence of Blockchain, a public and distributed ledger, several applications appeared taking advantage of this powerful technology. In this paper, we present an AuthLedger a domain authentication scheme based on blockchain technology. The proposed scheme is multi-fold. First, we proposed a domain authentication scheme to reduce the level of trust in CAs. second, we implement our system using Ethereum smart contract. Third, we evaluate security and performance of the proposed system.

KW - Authentication

KW - Blockchain

KW - Cryptography

KW - PKI

U2 - 10.5220/0007366803450352

DO - 10.5220/0007366803450352

M3 - Conference contribution

AN - SCOPUS:85064668086

T3 - ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy

SP - 345

EP - 352

BT - ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy

A2 - Mori, Paolo

A2 - Furnell, Steven

A2 - Camp, Olivier

PB - SciTePress

Y2 - 23 February 2019 through 25 February 2019

ER -

Guan Z, Garba A, Li A, Chen Z, Kaaniche N. AuthLedger: A novel blockchain-based domain name authentication scheme. In Mori P, Furnell S, Camp O, editors, ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy. SciTePress. 2019. p. 345-352. (ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy). doi: 10.5220/0007366803450352

AuthLedger: A novel blockchain-based domain name authentication scheme

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this