Decentralized Digital Certificate Revocation System Based on Blockchain

Abstract

Current digital certification revocation systems are insufficient in the application scenario of multiple certification authorities (CAs), and it leads to a lack of mutual trust, access stability, and timeliness of data synchronization between CAs. We propose a decentralized digital certificate revocation system based on consortium blockchain technology with a secret sharing scheme. It can invalidate the digital certificate in special cases to protect the user's information and property security. Based on the characteristics of the decentralized consensus mechanism, consortium blockchain technology is the core technology of the system. The scheme achieves collaborative management of digital certificate revocation lists (CRLs) by multiple CAs, and introduces secret sharing scheme, further safeguarding the reliability of the maintenance process, and then the online certificate status protocol (OCSP) can be developed based on this system. This system is security, effective, and cannot be tampered. Compared with the traditional revocation scheme, it achieves trusted and reliable CRL system above multiple CAs, which can provide new ideas for the way of digital certificate revocation and expand the application range of blockchain technology.