Why the blockchain
The use of blockchain in the Blockcerts approach isn't obvious to many people, who wonder why this can't be done with PKI. It can be done with PKI, but this document describes the advantages blockchain offers.
In Blockcerts, the issuer uses their digital signature to provide a credential to a recipient, identified by a recipient-owned public key, and issued on the blockchain. The recipient's credential contains the Merkle proof linking the credential with a specific blockchain transaction.
This is used to establish integrity of the credential; i.e. that it hasn't been tampered with. Additionally, the recipient-owned public key embedded in the credentials allows the recipient to prove ownership.
To establish authenticity, one must establish that the issuer owned the issuing key at the time the credential was issued. This is why a reliable timestamp is needed, expanded on below.
A reliable source of a timestamp, and the ability to be convinced of its correctness, is clearly important for a credential that expires. It is also critical for a practical reason: the issuer must be able to rotate issuing keys, both on a regular basis as part of security best practices and, more critically, in response to a key leak.
Determining that a credential was issued by the issuer while the issuing key was valid requires knowledge of the timestamp -- beyond anything written into the credential itself. Why? Because if the private key was leaked, there is nothing to prevent an attacker from issuing false credentials and backdating their contents. That means, even if an issuer has publicly revoked the leaked credential, an independent verifier would not know the difference between a valid and invalid credential unless there were some additional reliable source of when the transaction took place.
This could be done through use of a timestamping authority (TSA) -- more commonly used in a PKI solution -- but that places a dependency on a trusted third party.
On the other hand, blockchain provides permanent, trusted timestamping by design. It requires massive computational effort -- rewriting the entire blockchain -- to tamper with the timestamps. So blockchain timestamps can prove existence of data before a certain point. Furthermore, it is a distributed ledger, and not dependent on a trusted party. This improves availability, ability to independently verify, and reduces single points of failure.
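The check described above, sketched as an added example (not Blockcerts code): a verifier recomputes the Merkle root for integrity, then judges the issuing key at the transaction's chain timestamp rather than at the date written inside the credential. The field names, the proof layout and the sample data are assumptions made for illustration.

```python
import hashlib
from datetime import datetime, timezone

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def merkle_root(leaf: bytes, path) -> bytes:
    # path: (side, sibling) pairs from leaf to root; side is where the sibling sits
    node = leaf
    for side, sibling in path:
        node = h(sibling + node) if side == "left" else h(node + sibling)
    return node

def verify(credential: bytes, path, tx: dict, issuer_keys: dict) -> str:
    # Integrity: the credential must hash up to the root recorded in the transaction.
    if merkle_root(h(credential), path) != tx["merkle_root"]:
        return "tampered"
    # Authenticity: judge the key at the chain's timestamp, never at a date
    # written inside the credential, which a holder of a leaked key can backdate.
    key = issuer_keys.get(tx["signing_key"])
    if key is None:
        return "unknown issuing key"
    if tx["block_time"] < key["created"]:
        return "key not yet valid"
    if key["revoked"] is not None and tx["block_time"] >= key["revoked"]:
        return "key revoked before issuance"
    return "valid"

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

# Constructed sample data: one issuing key, rotated out on 2019-06-01 after a leak.
ISSUER_KEYS = {"key-1": {"created": utc(2017, 1, 1), "revoked": utc(2019, 6, 1)}}

def anchor(credential: bytes, sibling: bytes, block_time):
    # Build a two-leaf batch and the transaction a verifier would read from the chain.
    path = [("right", h(sibling))]
    tx = {"merkle_root": merkle_root(h(credential), path),
          "signing_key": "key-1", "block_time": block_time}
    return path, tx

GENUINE = b'{"name": "A. Student", "issuedOn": "2018-03-01"}'
FORGED = b'{"name": "M. Allory", "issuedOn": "2018-03-01"}'  # backdated contents
GEN_PATH, GEN_TX = anchor(GENUINE, b"other credential", utc(2018, 3, 1))
FORGED_PATH, FORGED_TX = anchor(FORGED, b"other credential", utc(2019, 9, 1))

if __name__ == "__main__":
    print(verify(GENUINE, GEN_PATH, GEN_TX, ISSUER_KEYS))
    print(verify(FORGED, FORGED_PATH, FORGED_TX, ISSUER_KEYS))
    print(verify(GENUINE + b" ", GEN_PATH, GEN_TX, ISSUER_KEYS))
```

Both sample credentials claim the same `issuedOn` date; only the transaction time, which the signer cannot choose after the fact, separates them.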