Distributed, Trustless Timestamps
How adding the blockchain creates advantages over traditional PKI techniques.
For some engineers, it’s galling to see the blockchain being used as a notary to log non-financial transactions, particularly when Public Key Infrastructure (PKI) seems to have already solved the problems for making verified claims. While PKI alone could be used, we found that adding the blockchain provides a technical missing piece that results in better characteristics for both Issuers and Recipients of digital credentials.
In 2016, when we began collaborating on the Blockcerts standard, the cornerstone of the project was to create a recipient-centric approach for issuing official records, consistent with the principles of self-sovereign identity. This resulted in digital credentials needing to have the following characteristics:
- Independence: The recipient owns the credential, and does not require the issuer or 3rd party to be involved after receiving the credential.
- Ownership: The recipient may prove ownership of the credential.
- Control: The recipient has control over how they curate credentials they own. They may choose to associate credentials with an established profile they own, or not.
- Verifiability: The credential must be verifiable by 3rd parties, even within a trustless environment.
- Permanence: The credential must be a permanent record that can reliably last a lifetime.
At the same time, we learned the following characteristics are needed for the credentialing system to be useful to an Issuer:
- Proof: Issuer must be able to prove they issued the credential.
- Expiration: Issuer must be able to set an expiration date for the credential.
- Revocation: Issuer must be able to revoke credentials.
- Security: The system is secure and imposes minimal ongoing burden.
Additionally, if the credential is going to have utility for 3rd parties, they must be convinced of the credential’s veracity:
- Integrity: The content of the credential hasn’t been altered.
- Authenticity: The Issuer is who the certificate claims and has not been forged.
The Timestamp and Key Rotation
A reliable timestamp is clearly important in the case of a credential that expires, but an independently stored timestamp is also critical for Issuers to rotate their issuing keys — a security requirement.
Verifying a credential requires checking that it originated from a particular Issuer while that issuing key was valid. This requires knowledge of the timestamp beyond anything written into the credential itself.
If a private key is ever compromised, nothing prevents an attacker from issuing fake credentials and backdating them in the content. Even if an Issuer publicly revoked those fake credentials, an independent verifier could not tell a valid credential from an invalid one without some reliable record of when the transaction took place. In traditional PKI techniques, this could be done through use of a time stamping authority (TSA), but that places a dependency on a trusted third party.
On the other hand, the blockchain provides a permanent and trusted timestamp by design. To undermine this timestamp would require massive computational effort — rewriting the entire blockchain — to tamper with data before a certain point. So, the blockchain provides an independent timestamp for when each credential was conferred to a Recipient. This ultimately gives Issuers the ability to rotate their issuing keys without undermining the ability of 3rd parties to reliably verify transactions.
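The key-rotation check described above can be sketched as follows. This is an added example, not code from the Blockcerts project: the `IssuerKey` layout, the function names and the sample dates are assumptions, and it presumes the signature has already been verified and the anchoring block's timestamp already read from the chain.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional


@dataclass(frozen=True)
class IssuerKey:
    """One entry in an issuer's published key history (hypothetical layout)."""
    key_id: str
    created: datetime
    revoked: Optional[datetime] = None  # None: key is still active

    def valid_at(self, when: datetime) -> bool:
        return self.created <= when and (self.revoked is None or when < self.revoked)


def check_issuance(key_id, claimed_issued_on, anchor_time, key_history):
    """Return (ok, reason), judging the key by the blockchain anchor time.

    anchor_time: timestamp of the block holding the anchoring transaction.
    claimed_issued_on: date written in the credential, which whoever holds
    the private key can set freely, so it is never used to accept.
    """
    key = next((k for k in key_history if k.key_id == key_id), None)
    if key is None:
        return False, "signing key is not in the issuer's key history"
    if key.valid_at(anchor_time):
        return True, "key was valid when the credential was anchored"
    if key.valid_at(claimed_issued_on):
        return False, "backdated: claimed date is in the key's window, anchor time is not"
    return False, "key was not valid when the credential was anchored"


def utc(year, month, day):
    return datetime(year, month, day, tzinfo=timezone.utc)


# Constructed sample data: key-1 is rotated out on 2017-06-01, key-2 replaces it.
KEY_HISTORY = [
    IssuerKey("key-1", created=utc(2016, 1, 1), revoked=utc(2017, 6, 1)),
    IssuerKey("key-2", created=utc(2017, 6, 1)),
]

if __name__ == "__main__":
    cases = [
        ("key-1", utc(2016, 9, 1), utc(2016, 9, 1)),    # issued before rotation
        ("key-1", utc(2016, 9, 1), utc(2017, 8, 15)),   # old key used after rotation
        ("key-2", utc(2017, 8, 15), utc(2017, 8, 15)),  # issued with the new key
    ]
    for key_id, claimed, anchored in cases:
        print(key_id, anchored.date(), check_issuance(key_id, claimed, anchored, KEY_HISTORY))
```

Credentials anchored under key-1 before the rotation stay verifiable, while anything signed with key-1 and anchored afterwards is rejected regardless of the date written inside it.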
Furthermore, the blockchain is a distributed ledger that does not depend on any trusted party like a Certificate Authority. The effect is improved availability, the capacity to independently verify, and redundancy that avoids single points of failure.
Overall, the blockchain offers promising enhancements over traditional PKI techniques which help reach security goals while enabling individuals to hold their own official records, independent of any authority.