Managing Identities Using Blockchains And CoSi

Eleftherios Kokoris-Kogias, Linus Gasser, Ismail Khoffi, Philipp Jovanovic, Nicolas Gailly, and Bryan Ford

Nowadays we have to identify ourselves to different services and devices, either by a login/password or in the case of SSH, with a public key. Often the same public-key is registered with different services and thus it is easy to track the user across different platforms. To enhance privacy, the user should use a separate SSH-keypair for each service, but this is difficult to manage. The goal of our system is to enable the user to use multiple accounts across his devices and to relieve some of these difficulties. This is applicable in multiple systems like PGP, or SSH, but we focus for the moment on SSH because it is widely-used both for connecting a user’s different machines (via remote login and scp) and for identifying the user (e.g., github). Specifically, we address the cases where the user (a) rotates keys for security purposes, (b) introduces new key-pairs in her online-presence, and (c) revokes key-pairs that she can no longer access.

The most straightforward way to use SSH is to create one SSH-key and copy it to every other device. However, controlling this one key enables an attacker to compromise all the user’s devices. On the contrary, the recommended practice is to create one key per host and to limit the damage an attacker can do when compromising one of the user’s devices, by configuring the key’s privileges to be a subset of the root privileges. A drawback is that this practice requires a user to update the access lists of numerous servers, or to delegate this to centrally managed services.

We combine collective signing and blockchains to create a secure and easy-to-use, decentralized SSH-key management system. The SSH management is done by a cothority that maintains a list of authoritative keys of the user. Whenever a change is needed, due to key rotation or lost/new devices, the user initiates an update where the cothority contacts the devices that control the keys and gets a signed approval of the new block. If a threshold (typically three or four) of devices agree on the change then the cothority transmits the individual signatures and the block which is then collectively signed by the cothority. This signature signifies the agreement of the cothority on witnessing enough proof that the keys should change and models a forward link, making the blockchain doubly-linked.