The advent of bitcoin introduced the world to a new concept of “immutability” that promotes the transparency and efficiency of financial transactions. Once data is stored, it can never be modified or deleted, on a permissionless blockchain such as that of bitcoin, where anyone can contribute to the process of confirmation of transactions, i.e. mining, and have a countable vote, without having to have any form of identity on the blockchain. However, business applications usually utilize platforms where users are required to create verified identities to be able to confirm transactions and have countable votes; such blockchains represent forms of “permissioned blockchains”.
The immutability of permissioned blockchains is often questionable as end users are not allowed to monitor or have a copy of the blockchain. A group of researchers have recently proposed the use the infrastructure of keyless signatures as an additional mechanism to promote irreversibility and irrefutability of the process of block confirmation, representing a global proof that guarantees long term immutability of transactions on a permissioned blockchain.
Keyless signatures represent an alternative to the PKI, or public key infrastructure. “Keyless” doesn’t imply that there are no cryptographic keys involved in the process of signature creation. Although keys are still utilized throughout the authentication process, verification of signatures is possible without assumption of continued secrecy of the encrypting keys. Due to the fact that keyless signatures are resistant to key compromise which guarantees long term validity of various forms of digital signatures such as those of bitcoin.
Although PKI signatures are often protected via timestamps, the time-stamping process is based on the PKI technology itself, so the problem of key compromise still exists. Along a keyless signatures’ infrastructure, identification of the signer of a transaction relies on asymmetric cryptography, yet the integrity of the digital signature is secured via keyless cryptography; this method is known as one-way collision-free hash functions, which represent forms of public key transformations without the involvement of any private keys.
A Keyless Signatures’ Infrastructure:
A keyless signatures’ infrastructure is implemented practically in the form of multi-signatures i.e. more than one document is signed at a given time. These 3 steps are involved in the signing process:
1- Hashing: The documents involved in the signing process are hashed and the value of the hashes are used to represent documents along the remaining steps of the process.
2- Aggregation: This involves the creation of a global temporary pre-round hash tree to represent all the documents that were involved during a signing round. The duration of the signing rounds is variable, yet the described implementation fixes the duration to one second.
3- Publication: The top hash values that represent the per-round aggregation trees are collectively secured via a perpetual hash tree, which is also known as hash calendar, and the top value of the hash tree is broadcast as a trust anchor.
To implement this protocol on a permissioned blockchain, an appropriate keyless signatures’ infrastructure (KSI) is utilized. This infrastructure is comprised of a group of aggregation servers arranged in layers, that all together create per-round global hash trees. The first layer of aggregation servers, which are known as the gateways, collect transactions’ requests, hash them into a hash tree and then send a request to higher level aggregation servers that includes the top hash value of the hash tree. The server will then await the response from aggregation servers in a higher level layer and then combines the received response with the appropriate hash chains derived from its own hash tree, to formulate and send responses to aggregation servers in lower level layers.
The researchers deployed the keyless signatures’ infrastructure on an experimental persmissioned blockchain and concluded that keyless signatures can promote immutability via ensuring irreversibility and irrefutability of cryptocurrency transactions. The implementation avoids single failure points and exhibited appropriately low and reasonable stable service latency. Keyless signatures provide a time stamping and digital signature service that is secure and can be suitable for a trustless community such as that of a permissioned blockchain. Hash trees and hash calendars render any attempted tampering visible to anyone using the platform, which solves the problem of immutability of all forms of permissioned blockchains.
No comments:
Post a Comment