Thesis Defence: Blockchain-based Decentralized Public Key Infrastructure for Digital Credentials
June 20 at 9:00 am - 1:00 pm
Yuhao Huang, supervised by Dr. Chen Feng, will defend their thesis titled “Blockchain-based Decentralized Public Key Infrastructure for Digital Credentials” in partial fulfillment of the requirements for the degree of Master of Applied Science in Electrical Engineering.
An abstract for Yuhao Huang’s thesis is included below.
Defences are open to all members of the campus community as well as the general public. Please email chen.feng@ubc.ca to receive the Zoom link for this defence.
Abstract
Public Key Infrastructure (PKI), especially the X.509 standard, is the backbone of secure digital communication, providing essential services such as authentication, encryption, and digital signature verification. X.509 enables a certificate chain of trust, where Certificate Authorities (CAs) serve as the central trust anchors. While X.509 has proven to be effective in traditional centralized environments, it faces significant challenges such as single points of failure, vulnerability to CA breaches, and limited scalability in a globally distributed network. With the rise of decentralized technologies like blockchain, there is growing interest in developing Decentralized Public Key Infrastructure (DPKI) systems that eliminate these weaknesses by distributing trust across multiple entities. However, the majority of DPKI research either conflicts with X.509 standard, giving up CA as trust anchor, or focuses on general identity management. Especially, there are few research works concentrated on X.509 compatible DPKI systems designed for digital credentials.
This thesis addresses the gap by investigating the integration of DPKI with X.509 specifically for managing digital credentials. A thorough literature review identified Trustchain as the most relevant and advanced state-of-the-art framework addressing this topic. Trustchain employs blockchain technology for digital credential management but also exhibits key design limitations. Using Trustchain as a foundational benchmark, this thesis introduces BCChain, a modified DPKI system that enhances identity validation, and incorporates a multi-root architecture, advancing blockchain-based DPKI compatibility with X.509 while improving security and scalability. This thesis also proposes a use case in education by simulation to further illustrate the application of our system.
