Towards securing Public-Key Storage using Hyperledger Fabric

When given a cryptographic public verification key, a receiver needs to be sure about the authenticity of the sender. Whenever an adversary is able to replace a wellintended public verification key of one of two participants within a communication relationship, she is able to send maliciously signed messages, using her own secret key, thereby compromising the whole authorization system. To overcome these issues for small to medium-sized distributed sensor networks, we previously proposed the NFC-Key Exchange protocol. Using the NFC-KE challenge-response authorization scheme, an attacker will not be able to intercept any communication unless she is authorized by a centrally trusted authority. Though, the NFC-KE protocol considers only local file storages for the storing operations of the authorized public-keys. This approach is inherently vulnerable to any zero-day exploits that enable an attacker to infiltrate the filesystem. Additionally, once the central authority component is restarted or becomes corrupted, every previously exchanged key needs to be reauthenticated. By using the Distributed Ledger Technology (DLT) framework Hyperledger Fabric, this paper proposes a new extension concept for the NFC-KE protocol in order to enhance the security of the public-key store. By using this extension, the NFC-KE protocol gains increased tamperresistance and outage resilience, due to the decentralized nature of the DLT.