Decentralised Public Key Infrastructure (DPKI)

Decentralised Public Key Infrastructure (DPKI)

Learn how and where you can use your digital identity
A Public Key Infrastructure (PKI) is commonplace on the internet, within financial institutions or anywhere that requires a level of security for verification. The premise of PKI is that anyone can verify a digital signature from anyone else, if you have access to the private keys corresponding public key. The two keys are cryptographically linked so that every private key has only one public key and vice versa.PKI relies on a small number of trusted certificate authorities (CAs) to be the root of trust. Online, our web browsers rely on a small number (hundreds) so that they can easily manage the number of CAs. In a web browser implementation, the owner of a private key, relating to the identity of a website, gives their public key to a CA who signs it with their own private key. The CA then issues a public key certificate. Web browsers check this public key certificate each time you connect to a secured website that offers encryption (HTTPS connections).
Decentralised Public Key
The problem with PKI

PKI is both cumbersome and costly to implement, with its centralised nature becoming a vulnerability, in terms of security but also as a singular point of failure. PKI effectively inserts a “middleman” into our digital trust infrastructure.

For regulated institutions or those seeking to implementing strong security models, a middleman is of concern. Risks are associated with CA incidents, CA service availability, CA service prices or the CA going into administration. Within the financial services market, PKI solutions are costly to implement and cumbersome, and costly to maintain. Many processes associated with PKI are manual and actually create risk points within the organisation. So how do we solve this?

The problem with PKI
The solution, DPKIps

A Decentralised root of trust, that nobody owns, but everyone can use is therefore the solution to a centralised PKI solution. The blockchain technology that ID Crypt Global utilises enables the re-imagination of the root of trust model. This is used to enable digital identities to be trusted and cryptographically verifiable, however it replaces a typical PKI solution. Opposed to relying on a CA for its cryptographic root of trust, with DPKI a consensus algorithm is used, operating over many different machines and replicated by many different entities in a decentralised network.

ID Crypt Global’s Patented DPKI implementation for Payment Systems and Financial Institutions (DPKIps), delivers a highly robust, automated, and secure Decentralized Public Key Cryptography solution. DPKIps was designed to enable regulated Financial Market Infrastructures (FMI’s), to implement a “Y” security model, providing greater levels of security and payment message integrity. However, DPKIps can be used for any solution that wants to remove the complexities, cost and risk associated with a traditional PKI solution.

The solution, DPKI

The result is a cryptographic ledger of immutable records.Each entry by ID Crypt Global is digitally signed by a private key, with the blockchain itself being used to store the associated public key. Each public key has its own address, this address is called a decentralised identifier (DID). DIDs are not rented from a service provider, rather they are issued and cannot be taken away from the controller of the associated private key. DID is a standard from the W3C.

DPKI provides cryptographic
New security models

The ID Crypt Global platform enables organisations to implement security models that remove the dependency on a CA, bringing added security, greater efficiency, and drastic improvements in the availability of services.

Talk to us about your security needs and learn how ID Crypt Global DPKI security services can secure your solutions while significantly removing operational overheads and costs.

News security models
Try our App now
ID Crypt App Store
ID Crypt Google Play