Efficient Asynchronous Accumulators for Distributed PKI

“…Definition 5. A dynamic accumulator is sound (or simply secure) if it is difficult to fabricate a witness w x for a value x that has not been added to the accumulator [35,36]. More formally, for any security parameter λ and any stateful PPT adversary A with black-box access to AccAdd and AccDel oracles which take elements x 0 on accumulator a, we should have:…”

“…A key transaction item is valid and will be added to the blockchain only after that a consensus is achieved between t number of units that are already part of the DBPKI. Any efficient and sound dynamic Merkle-tree based accumulator such as those proposed in [35,36] can be used in the scheme.…”

A decentralized dynamic PKI based on blockchain

“…Definition 5. A dynamic accumulator is sound (or simply secure) if it is difficult to fabricate a witness w x for a value x that has not been added to the accumulator [35,36]. More formally, for any security parameter λ and any stateful PPT adversary A with black-box access to AccAdd and AccDel oracles which take elements x 0 on accumulator a, we should have:…”

“…A key transaction item is valid and will be added to the blockchain only after that a consensus is achieved between t number of units that are already part of the DBPKI. Any efficient and sound dynamic Merkle-tree based accumulator such as those proposed in [35,36] can be used in the scheme.…”

A decentralized dynamic PKI based on blockchain

“…The asynchronous Merkle tree accumulator explained in [18] effectively stores a list of all the public key of accepted vehicles in the network. Each individually mined block contains a Merkel tree (an efficient data structure) made up of all the acceptable vehicle's public keys, as described in…”

Eve, You Shall Not Get Access! A Cyber-Physical Blockchain Architecture for Electronic Toll Collection Security

“…Previous works have also considered anonymous PKIs: for example, generating pseudonyms[RPKC07] using a Certificate Authority and a separate Private Certificate Authority; however, this architecture is not coherent for a permissionless blockchain because both certificate authorities would be open to everyone and that would allow the easy linking of anonymous identities. Another recent proposal for a decentralised PKI based on a blockchain [PSRK18] does not provide anonymity, although it improves the work on cryptographic accumulators on blockchains started by Certcoin [FVY14,RY15]; another proposals introduce privacy-aware PKIs on blockchains[AG16, OP19], but they are not Sybil-resistant and do not re-use certificates from other CAs. Previously, BitNym [FWB15] introduced Sybil-resistant pseudonyms to Bitcoin, but a Trusted-Third Party must check the real identities of users before allowing the creation of a bounded number of valid genesis pseudonyms.…”

Zero-Knowledge Proof-of-Identity: Sybil-Resistant, Anonymous Authentication on Permissionless Blockchains and Incentive Compatible, Strictly Dominant Cryptocurrencies