A Blockchain-Based Decentralized Public Key Infrastructure for Information-Centric Networks

Round 1

Reviewer 1 Report

The authors significantly improved the manuscript. I recommend adding the limitation of current work to the Conclusions section

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 2 Report

Can be accepted.

Author Response

Dear reviewer,

We deeply appreciate the time and effort you’ve spent in reviewing our manuscript (ID: information-1684541). Thank you very much for  your positive evaluation of our work. 

Reviewer 3 Report

I have one concern about the choice of parameters for  construction. The authors use a modular group pp=(p.q.g.G,H) and also use an EC group.  In my view, this is wrong. I have no idea why the authors use two mathematical groups. In stead, one group in general description is good enough unless the authors have clearly stated the motivation.

Further, the soundness proof should be able to extract the solution to DLP.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Round 2

Reviewer 3 Report

It is fortunate that this work was not submitted to top conference; Otherwise, the author WHO revised this work will receive the worst comments from me.

I don't like the revision because the author WHO revised this didn't show the professional and the respect.

I mentioned the two group descriptions and the author just revise the place I mentioned.  However,  the descriptions in other places still use  g^s and kQ. These two descriptions mean  you are still using two groups.

Author Response

Please see the attachment

Author Response File: Author Response.docx

This manuscript is a resubmission of an earlier submission. The following is a list of the peer review reports and author responses from that submission.

Round 1

Reviewer 1 Report

This paper presents, so called, a decentralized PKI scheme by combining the DID, Verifiable Credentials project and blockchain. The design goal is to optimize zero knowledge proof for the verifiable representation scheme when users prove their real-world identity without exposing privacy. 

However, I do not understand how the authors achieve their goal. In fact, it is difficult to follow the paper. I do not understand the benefit of the replacement the CL signature by the Schnorr signature. Moreover, the properties of CL signatures is different from the properties of Schnorr signatures. There is no security analysis for this replacement. The seucurity analysis presented in section 5 needs to be improved;  the security model needs to be clearly defined and the proof should be presented in the security model. I do not understand the role of blockchains. I do not know the meaning of a decentralized PKI. I do not see the optimization of zero knowledge proofs as the authors claim.

The paper seems not to be ready for the publication and needs to be revised a lot for its improvement. Thus, I suggest rejection of the paper.

Reviewer 2 Report

Decentralized PKI based on blockchain is an exciting theme. There seems to be no fatal flaw in the descriptions; however, the proposal and achievements are not fairly matched with this paper's provided title and claimed contributions. The proposed scheme assumes the issuers are online trusted parties who generate anonymous credentials (verifiable presentations) from the submitted documents. [CanDID] relaxed this assumption by introducing partially trusted but distributed committees to conduct secure computation for the anonymous credential generation process. Thus, my first comment is that if the authors claim that the proposed scheme is decentralized, they should tackle the problem of the decentralized generation of anonymous credentials as [CanDID] tried to achieve.   There are rooms to further improve for a revision, for example:

1. The proposed design and scheme need to compare with previous research addressing DIDs and PKI. It sounds like a promising idea to realize decentralized PKI based on blockchain; however, it was hard to be convinced how the proposal is scientifically novel.
2. A more detailed (mathematical) explanation would help readers to understand how the idea of utilizing the Zero-Knowledge Proof (ZKP) scheme in the context addresses the problem. Comparison with approaches in previous research might help.
3. Performance evaluation with the implementation helps to demonstrate how the scheme is powerful; however, the result described in this paper is not convincible. The delay time functions of the proposed scheme and the conventional CL-Signature scheme remain same order. i.e., linear, and the difference of their intercepts is only ~5 % (200 ms) in figure 8 in this paper.

[CanDID] D. Maram et al., "CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability," 2021 IEEE Symposium on Security and Privacy (SP), 2021, pp. 1348-1366, doi: 10.1109/SP40001.2021.00038.

Reviewer 3 Report

The decentralized Public key infrastructure scheme is presented in the paper. Shema is given by combining the decentralized identifier, verifiable credentials project and blockchain. The  paper is well structured. The paper contribution is underlined too.

The formatting should be improved. Please carefully check template. The references style should be improved too.

However, the authors analyzed in the experiments delay depends on Blockchain height. What is about number of queries?