Managing Identities Using Blockchains and CoSi


We combine collective signing and blockchains to create a secure and easy-to-use, decentralized SSH-key management system. The SSH management is done by a cothority that maintains a list of authoritative keys of the user. Whenever a change is needed, due to key rotation or lost/new devices, the user initiates an update where the cothority contacts the devices that control the keys and gets a signed approval of the new block. If a threshold (typically three or four) of devices agree on the change then the cothority transmits the individual signatures and the block which is then collectively signed by the cothority. This signature signifies the agreement of the cothority on witnessing enough proof that the keys should change and models a forward link, making the blockchain doubly-linked

9th Workshop on Hot Topics in Privacy Enhancing Technologies (HotPETs 2016)