Formalizing and Safeguarding Blockchain-Based BlockVoke Protocol as an ACME Extension for Fast Certificate Revocation-Reference-Cited by-同舟云学术

Formalizing and Safeguarding Blockchain-Based BlockVoke Protocol as an ACME Extension for Fast Certificate Revocation

Published:2022-12-06 Issue:4 Volume:6 Page:63
ISSN:2410-387X
Container-title:Cryptography
language:en
Short-container-title:Cryptography

Author:

Sujatanagarjuna Anant^ORCID,Bochem Arne^ORCID,Leiding Benjamin^ORCID

Abstract

Certificates are integral to the security of today’s Internet. Protocols like BlockVoke allow secure, timely and efficient revocation of certificates that need to be invalidated. ACME, a scheme used by the non-profit Let’s Encrypt Certificate Authority to handle most parts of the certificate lifecycle, allows automatic and seamless certificate issuance. In this work, we bring together both protocols by describing and formalizing an extension of the ACME protocol to support BlockVoke, combining the benefits of ACME’s certificate lifecycle management and BlockVoke’s timely and secure revocations. We then formally verify this extension through formal methods such as Colored Petri Nets (CPNs) and conduct a risk and threat analysis of the ACME/BlockVoke extension using the ISSRM domain model. Identified risks and threats are mitigated to secure our novel extension. Furthermore, a proof-of-concept implementation of the ACME/BlockVoke extension is provided, bridging the gap towards deployment in the real world.

Publisher

MDPI AG

Subject

Applied Mathematics,Computational Theory and Mathematics,Computer Networks and Communications,Computer Science Applications,Software

Link

https://www.mdpi.com/2410-387X/6/4/63/pdf

Reference45 articles.

1. Bugzilla (2022, September 20). Bugzilla #1619179—Let’s Encrypt: Incomplete Revocation for CAA Rechecking Bug. Available online: https://bugzilla.mozilla.org/show_bug.cgi?id=1619179#c7.

2. Jacob Hoffman-Andrews (2022, September 20). Let’s Encrypt—29 February 2020 CAA Rechecking Bug. Available online: https://community.letsencrypt.org/t/2020-02-29-caa-rechecking-bug/114591.

3. JamesLE (2022, September 20). Let’s Encrypt – Revoking Certain Certificates on 4 March 2020. Available online: https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864.

4. A Formal Security Analysis of the Signal Messaging Protocol;Cremers;J. Cryptol.,2020

5. A Survey of Practical Formal Methods for Security;Kulik;Form. Asp. Comput.,2022