Revisited—The Subliminal Channel in Blockchain and Its Application to IoT Security

Although digital signature has been a fundamental technology for cryptosystems, it still draws considerable attention from both academia and industry due to the recent raising interest in blockchains. This article revisits the subliminal channel existing digital signature and reviews its abuse risk of the constructor’s private key. From a different perspective on the subliminal channel, we find the new concept named the chamber of secrets in blockchains. The found concept, whereby the secret is hidden and later recovered by the constructor from the common transactions in a blockchain, highlights a new way to encourage implementing various applications to benefit efficiency and security. Thus, the proposed scheme benefits from the following advantages: (1) avoiding the high maintenance cost of certificate chain of certificate authority, or public key infrastructure, and (2) seamlessly integrating with blockchains using the property of chamber of secrets. In order to easily understand the superiority of this new concept, a remote authentication scenario is taken as a paradigm of IoT to demonstrate that the further advantages are achieved: (1) avoiding high demand for storage space in IoT devices, and (2) avoiding maintaining a sensitive table in IoT server.

Blockchain as a CA: A Provably Secure Signcryption Scheme Leveraging Blockchains

Although encryption and signatures have been two fundamental technologies for cryptosystems, they still receive considerable attention in academia due to the focus on reducing computational costs and communication overhead. In the past decade, applying certificateless signcryption schemes to solve the higher cost of maintaining the certificate chain issued by a certificate authority (CA) has been studied. With the recent increase in the interest in blockchains, signcryption is being revisited as a new possibility. The concepts of a blockchain as a CA and a transaction as a certificate proposed in this paper aim to use a blockchain without CAs or a trusted third party (TTP). The proposed provably secure signcryption scheme implements a designated recipient beforehand such that a sender can cryptographically facilitate the interoperation on the blockchain information with the designated recipient. Thus, the proposed scheme benefits from the following advantages: (1) it removes the high maintenance cost from involving CAs or a TTP, (2) it seamlessly integrates with blockchains, and (3) it provides confidential transactions. This paper also presents the theoretical security analysis and assesses the performance via the simulation results. Upon evaluating the operational cost in real currency based on Ethereum, the experimental results demonstrate that the proposed scheme only requires a small cost as a fee.

A blockchain approach to digital archiving: digital signature certification chain preservation

Purpose The short lifespan of digital signatures presents a challenge to the long-term preservation of digitally signed records. It can undermine attempts to presume, verify or assess their authenticity. This paper aims to investigate the challenges of the expiration of digital signatures in the context of digital archiving. Design/methodology/approach The paper identifies requirements for the long-term preservation of digitally signed records and compares them with the existing approaches. The characteristics, operational procedures and requirements of the technologies used for digital signatures are combined with the archival requirements to design a new model. Findings The paper proposes a new model of a blockchain-based system, which can be combined with any digital archive to assist the process of long-term preservation of digitally signed records. Practical implications The proposed model offers a new alternative to the current practice in the long-term preservation of digitally signed records, such as periodic resigning procedures or periodic wrapping of digitally signed records with archival timestamps. Originality/value The proposed TrustChain 2.0 model is based on previous research conducted as part of the InterPARES Trust project. It builds on TrustChain 1.0 by including digital signature certificate chain validity information in a blockchain thus avoiding the issues concerning records confidentiality and privacy information disclosure. The paper contributes not only to the development of archival science but also shows archival institutions on how to approach long-term preservation of digitally signed records.