“Public key infrastructure (PKI) will soon run on blockchain technology”

Blockchain is the technology behind the digital currency Bitcoin, and it is believed to soon power a very wide range of different applications. The public key infrastructure (PKI) security method is used to implement strong authentication, data encryption and digital signatures. “I believe PKI soon will run on blockchain technology, since that will make PKI even more robust and trustworthy,” says Mohammad Alhaj Ali, who has done his master’s thesis on blockchain.

A blockchain is a distributed database that maintains a continuously growing list of ordered records, called blocks.

“A blockchain runs on tens of thousands of computers simultaneously, which eliminates the risk of attacks. In addition to this, the data in the database is read only-by design, which means that it is impossible to manipulate the data. Blockchain is also transparent since the code is open and accessible to anyone,” says Alhaj Ali, a student of Uppsala University, Sweden, who has done his master’s thesis at identity and security company Nexus Group.

Alhaj Ali investigated how blockchain technology can be used to timestamp files and documents, and also implemented, tested and delivered a fully functioning proof-of-concept timestamping service.

“Timestamping is used to prove that a certain file or digital document existed at a certain time. The files and documents can be anything from digital identities to digitized medical records,” says Alhaj Ali.

Nexus is not the only company interested in blockchain. For example, almost every major financial institution in the world is doing blockchain research at the moment, according to the IBM report “Leading the Pack in Blockchain Banking: Trailblazers Set the Pace.”

“Blockchain is a super interesting concept, since it eliminates the need for a trusted third party. Using blockchain, I can transfer money to you without using a bank. But banks can also benefit from using the technology. For example, it could let them update data in real-time, speed up transactions and lower costs by cutting out the middleman within areas such as consumer lending and retail payments,” says Alhaj Ali.

Download whitepaper How to choose the right security for LTE (4G) infrastructures                                                  

When it comes to PKI, Alhaj Ali believes that the basic set up will stay the same. That is, a certificate authority (CA) will issue and manage the certificates needed for the trusted digital identities that are required to implement strong authentication, data encryption and digital signatures.

“But instead of running a CA software on a computer, which requires backups, maintenance, etcetera, the CA will be run on a blockchain instead. When the single computer is replaced by a group of connected computers and when the code is accessible to anyone, PKI will be even more robust and trustworthy,” says Alhaj Ali.

Kim Freskgård, head of software development at Nexus, agrees that blockchain is a very interesting technology, but does not want to try to predict the future.

“We do a number of different blockchain experiments at the moment, and we will see where those takes us. But since blockchain offers increased security and trustworthiness, I am sure that the technology will play a very important role going forward,” says Freskgård.

Read the blog post How to use blockchain to power a timestamping service