
Abstract /

Blockchain has been linked to Bitcoin and cryptocurrency. It is a new method of
handling information that makes a system hard to crack or hack, and it has the
opportunity to evolve in many respects.
It has many features: it can store a lot of information and preserve its integrity,
and it is traceable and tamper-proof.

Introduction /
In past years, many blockchain-based applications have been implemented, especially
in the Internet of Things (IoT). Combining IoT with blockchain has many features: it
can store identities and analyse their behaviour.
Examples of applications: implementing DNS and PKI systems; implementing and
controlling voting systems to prevent manipulation.

Examples of frameworks to generate and store identities focus on VANET, IoV and
IoT in general.
Usually, in the process of registering an autonomous vehicle (V2V, V2I), privacy
preservation and key interchange are necessary for communication.

Examples of this include specific developments: systems with a trusted third party,
ID-based cryptography with RSA, or multi-certificate PKI. These developments
allow a certain portability and privacy.

However, to maintain pseudo-anonymity, RIDRA, a VANET authentication framework,
uses randomized fake names to register cars. A Central Authority verifies
each entity of the V2V network and keeps privacy and non-repudiation for each
vehicle.
ACPN developed a similar method, where a Central Authority (CA) generates
pseudonyms.
Caballero also suggests another method: creating a self-managed VANET. Through the
participation of the concerned users, suspicious traffic events can be found and
warned about without the central authority.

Wireless Sensor Networks (WSN) are the main use of IoT, both domestic and
industrial.

However, if these systems don't have a suitable registration system, they are open
to attacks. A framework has been suggested to solve this issue by isolating the part
of the network that has been compromised without restricting access to information.
To manage decentralisation, the author suggests frameworks in which information is
preserved on other storage schemes, especially peer-to-peer networks. The network
itself defines these schemes dynamically, and the essential data is kept in a
self-management framework.
Such frameworks also work in centralised settings, focusing on minimizing the
communication and registration related to battery use. For example, to maintain
self-certification without excessive energy consumption in registered devices, they
work with normal cryptography techniques and optimization algorithms.
The management paradigms mentioned for these frameworks are close to identity
management, but not close enough to manage and store credentials, because that is
more complicated. Therefore none of these frameworks can be used to generate and
save credentials, and most decentralized frameworks rely on the participation of a
third party, which is against the idea of self-generated identities.

There are existing implementations of PKI and blockchain as a trust network, as a
Certificate Authority storage facility, or as some kind of hybrid solution between
CAs and PGP's Web of Trust (WoT), with all the features of blockchain smart
contracts.
However, all these frameworks consider the blockchain a static ledger (used for
search and storage) without treating it as a security feature.
The proposal instead uses the blockchain as a ledger and as an essential component
of security, not just to store customized certificates but to generate them as
well, without involving a third party.

3BI-ECC FRAMEWORK DESCRIPTION /


3BI-ECC is a system in which, with 3 related blockchains in tandem and ECC as the
cryptographical tool set, users' identities are all self-generated and
self-validated.
This means that the identities will be validated by their owner, with the
information belonging to the user who is willing to share it, without the
intervention of any trusted third party.

Fig. 1 explains the main structure of the 3BI-ECC framework, showing the relations
and main interactions of all parties in the system. Each blockchain has its own
function to improve the security of searching and storing identities in the system,
and the figure gives the main features of every blockchain.

The author selects the network architecture of Escuela Politécnica Nacional (EPN)
as the implementation scenario, since we own all the necessary components to
demonstrate all identity concepts and scenarios.
The EPN network now relies on various third-party organizations to operate its
email and document manager. None of these systems has identity validation. If
any user needs to digitally sign a document, the user must go to the national
central certifying entity, Banco Central del Ecuador (BCE), to acquire a
certificate.

Fig. 2 describes the primary architecture, which includes the three blockchains as
a distinctive Certificate Management System, and offers key pair creation and
storage for EPN's students, professors, and employees. The main reason for
choosing the EPN network is to test the capacity of the design: the EPN network has
two main applications that depend on the user's identity, the E-Mail Server and the
Document Storage Server, and these two systems communicate through the certificate
manager.

⁃ Self-Certification Blockchain: the core and main contribution of this
research. This structure will generate all the certification systems for the other
two blockchains.
⁃ Primary Blockchain: all identities will be stored in the main Full
Blockchain storage system when they are formed. It serves as the network's primary
repository.
⁃ Comparison Blockchain: a secondary storage system, known as the revoked
blockchain, where the relational program will keep all revoked IDs. The users will
never interact with this blockchain.
⁃ Administrative Relational Software: it handles the interaction
between the network and the users. To reduce interaction with the main blockchain
and safeguard all certificate revocations, this middleware software is used in the
searching and revocation processes.

This architecture's major idea is to use the core blockchain to verify each
self-generated user certificate.
As mentioned, the core will generate and store a set of certificates that act as
the PKI for the institution's services. Through the Identity Manager, it will
initiate identities for every person in the system based on the National Identity
Service's information. The user must verify his own identity using the
institutional email that the Identity Manager of the EPN has provided.

Framework Initialization:
1- Blockchain initialization: any identity management system requires some form of
primary external validation. The purpose of developing 3BI-ECC is to eliminate the
requirement for this outside validation. We use a prime blockchain as the
cornerstone so that the network validates itself. To build the core, random nodes
are chosen and each node generates a key pair. This core ledger uses random data
and stores the self-signed public key as a "super" certificate. These public keys
are the strongest in the system and will be used to verify the other blockchains;
the purpose is to make the network independent and to validate all identities
internally.
To prevent possible violation, the core blockchain will contain:
• The ‘super’ certificate that will sign all the user’s keys.
• A hash of the block in the core blockchain where the certificate is stored.
• A hash of all the core blockchain.
Every now and then the hashes are checked against the original information to make
sure the network is secure and unchanged.
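
The periodic check described above can be sketched as follows. This is an added example, not code from the paper or its authors. SHA-256, the JSON block layout, the anchor record kept beside the chain and all function names are assumptions, and the certificate strings are constructed placeholders.

```python
import hashlib
import json

def block_hash(block):
    """SHA-256 over a canonical JSON encoding of one block (assumed layout)."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def append_block(chain, payload):
    prev = block_hash(chain[-1]) if chain else "0" * 64
    chain.append({"index": len(chain), "prev": prev, "payload": payload})

def chain_hash(chain, length):
    """One digest over the hashes of the first `length` core blocks."""
    h = hashlib.sha256()
    for block in chain[:length]:
        h.update(bytes.fromhex(block_hash(block)))
    return h.hexdigest()

def make_anchor(chain, cert_index):
    """Record the three protected items when the core is initialized."""
    return {
        "super_certificate": chain[cert_index]["payload"],
        "cert_index": cert_index,
        "block_hash": block_hash(chain[cert_index]),
        "length": len(chain),
        "chain_hash": chain_hash(chain, len(chain)),
    }

def check_core(chain, anchor):
    """Periodic check: list every mismatch; an empty list means unchanged."""
    problems = []
    block = chain[anchor["cert_index"]]
    if block["payload"] != anchor["super_certificate"]:
        problems.append("super certificate changed")
    if block_hash(block) != anchor["block_hash"]:
        problems.append("certificate block hash mismatch")
    if chain_hash(chain, anchor["length"]) != anchor["chain_hash"]:
        problems.append("core chain hash mismatch")
    for prev, cur in zip(chain, chain[1:]):
        if cur["prev"] != block_hash(prev):
            problems.append(f"broken link at block {cur['index']}")
    return problems

def demo():
    """Constructed three-node core; the certificate strings are placeholders."""
    chain = []
    for cert in ("constructed-cert-node-A", "constructed-cert-node-B", "constructed-cert-node-C"):
        append_block(chain, cert)
    anchor = make_anchor(chain, 1)
    before = check_core(chain, anchor)
    chain[1]["payload"] = "forged-cert"  # simulate tampering with the stored certificate
    return before, check_core(chain, anchor)
```
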
Identity Generation and Storage: each user chooses which features are represented
in his identity, as many as he likes and as many as he is willing to share. Each
identity should have one that defines the user. Instead of a centralized authority
validating the identity, each identity should be verified by its owner; validation
must come from the user and the independent network.
Combining blockchain, with its improvements, and ECC might enhance the significance
of information storage and validation. The author mentions that many systems employ
ECC because of how few compute, memory, and network resources its computations and
storage use. The author also mentions that blockchain needs some improvement, by
changing some of its main features, to support self-generation. The modification
must come from the validation of the storage of information, which in the original
blockchain is called proof of work (PoW). We will modify it and implement it as
personal identity information in the form of a specific certificate.

Framework Functions:
Identity Storage: the user can create a key pair through email; the email's
password is the seed of the key pair with ECC:
⁃ When Direccion de Gestion de Información y Procesos (DGIP) creates a
new account, a default password is generated.
⁃ The user must change it when he receives his credentials.
⁃ A hash is applied to this password to get the user's private key, which
allows the association with a 4-character PIN.
⁃ This PIN is not part of the hash calculation. With ECC, the public key is
created from the private key and stored in the decentralized blockchain created only
for public keys as customized certificates.

Identity Revocation: the public key and email of the user are stored as the main
identity. When the user loses the password or it has been compromised, the recovery
process is like creating a new key pair from the Identity Management System (DGIP).
There is a space for revoked keys, so the old password will not be valid, and it is
kept private so that no one can calculate the hash. The only system that checks both
blockchains to determine which certificate is legitimate (the one that is stored
only in the Full Blockchain) is the middleware.

Identity Searching: how the system is used:

⁃ The key pair is used to sign or cipher emails, memorandums and stored
documents, or to use other related systems.
⁃ To use it, you need a valid password or PIN.
⁃ Based on the action done by the user, the system will use either the public
or the private key.
⁃ In all cases, the hash is calculated and compared to the stored
credentials by the middleware; if it matches, the user is authorised to do the
action.
⁃ The user has 3 attempts to submit before the system assumes it is identity
theft.
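
The storage, revocation and searching functions above, as an added Python example that is not the authors' implementation. The curve (secp256k1), SHA-256 as the hash, the Middleware class and its method names are assumptions, and the PIN association is left out.

```python
import hashlib

# secp256k1 domain parameters. The curve and SHA-256 are assumptions of this sketch.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Add two points on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if a is None or b is None:
        return a if b is None else b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # a + (-a)
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    lam = num * pow(den, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, point=G):  # double-and-add scalar multiplication
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point, k = ec_add(point, point), k >> 1
    return result

def derive_keypair(password):
    """Private key = hash of the password, recomputed on demand and never stored."""
    digest = hashlib.sha256(password.encode("utf-8")).digest()
    d = int.from_bytes(digest, "big") % (N - 1) + 1  # force into [1, N-1]
    return d, ec_mul(d)

class Middleware:  # hypothetical stand-in for the administrative relational software
    MAX_ATTEMPTS = 3
    def __init__(self):
        self.full = []        # Full Blockchain: append-only (email, public key) entries
        self.revoked = set()  # revoked blockchain: public keys that are no longer valid
        self.failures = {}    # consecutive failed submissions per email

    def register(self, email, password):
        self.full.append((email, derive_keypair(password)[1]))

    def legitimate_key(self, email):
        keys = [pub for owner, pub in self.full if owner == email and pub not in self.revoked]
        return keys[-1] if keys else None

    def revoke_and_reissue(self, email, new_password):
        self.revoked |= {pub for owner, pub in self.full if owner == email}
        self.register(email, new_password)

    def authorise(self, email, password):
        fails = self.failures.get(email, 0)
        if fails < self.MAX_ATTEMPTS and derive_keypair(password)[1] == self.legitimate_key(email):
            self.failures[email] = 0
            return "ok"
        self.failures[email] = fails + 1
        return "flagged" if fails + 1 >= self.MAX_ATTEMPTS else "denied"
```

The derivation is deterministic, so the private key can be recomputed from the password whenever it is needed and never has to be stored. For the same reason the published public key lets password guesses be checked offline, which is why a deployment would put a slow, salted KDF in place of the bare hash.
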
ANALYSIS /

Security Analysis
The following factors are taken into account when evaluating the proposed
framework's security: identity privacy, node identification, attacks and key
agreement.
Identity privacy: preserving security against any internal or external malicious
party is very important. As mentioned, only the public key is saved on the
blockchain; when the user needs the private key, the system calculates it. The
creation of the key is based on the user's uniqueness, maintaining the system's
overall anonymity.

Node identification: every node stores two or three blockchains. The nodes identify
each other and communicate, and through a unified network name they are used as one
entity, which makes the framework transparent.
Attacks: the decentralization of the blockchain and its features are important for
maintaining the framework's security. Because the framework has its own Proof of
Work, it will reject any third party trying to create a new branch and impersonate.
The private key is not stored in the system, because it is calculated on the fly.

Type of certificates: for this framework, following X.509 doesn't add much value to
the proposal. A new type of certificate is created in which the actual identity is
managed; it should identify the features that make an identity unique.

Efficiency analysis
The author's new framework and architecture enable the suggested solution to
guarantee the following aspects related to network identities:
Decentralization of identity management, self-validation of users and the
improvements of blockchain as a concept allow users in the network to use their
uniqueness to generate their own personal credentials. This could be an email,
features or biomedical features, to avoid impersonation over the network. The
purpose is self-validation and decentralization of all identities.

CONCLUSION
Part of the security of this research lies in the user's uniqueness, but not in
the user's intervention. Improving blockchain mechanisms, in both public and private
distributions, is part of the evolution of independent decentralized technologies
and of the way the Internet is understood nowadays. In this paper, we described a
solution to enhance networking applications by taking into account blockchain-based
identity management while managing the lifecycle of these identities for
Authentication and Access Control procedures.

REFERENCES
[1] D. Maldonado-Ruiz, J. Torres, and N. El Madhoun, “3BI-ECC: a Decentralized
Identity Framework Based on Blockchain Technology and Elliptic Curve
Cryptography,” 2020 2nd Conference on Blockchain Research & Applications for
Innovative Networks and Services (BRAINS), pp. 45–46, sep 2020.
[2] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008.
[3] D. Di Francesco Maesa and P. Mori, “Blockchain 3.0 applications survey,”
Journal of Parallel and Distributed Computing, vol. 138, pp. 99–114, apr 2020.
[4] N. El Madhoun, J. Hatin, and E. Bertin, “A decision tree for building it
applications,” Annals of Telecommunications, pp. 1–14, 2020.
[5] D. Maldonado-Ruiz, M. Badra, N. El Madhoun, and J. Torres, “Secure and
internet-less connectivity to a blockchain network for limited connectivity bank
users,” MSPN 2020: International Conference on Mobile, Secure and Programmable
Networking, 2020.
[6] A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram, “Blockchain for IoT
security and privacy: The case study of a smart home,” 2017 IEEE International
Conference on Pervasive Computing and Communications Workshops (PerCom
Workshops), pp. 618–623, mar 2017.
[7] D. W. Kravitz and J. Cooper, “Securing user identity and transactions
symbiotically: IoT meets blockchain,” 2017 Global Internet of Things Summit
(GIoTS), pp. 1–6, jun 2017.

[8] S. Bragagnolo, M. Marra, G. Polito, and E. Gonzalez Boix, “Towards scalable
blockchain analysis,” 2019 IEEE/ACM 2nd International Workshop on Emerging Trends
in Software Engineering for Blockchain (WETSEB), pp. 1–7, May 2019.
[9] L. Yue, H. Junqin, Q. Shengzhi, and W. Ruijin, “Big data model of security
sharing based on blockchain,” 2017 3rd International Conference on Big Data
Computing and Communications (BIGCOM), pp. 117–121, Aug 2017.
[10] E. Bandara, W. K. NG, K. De Soysa, N. Fernando, S. Tharaka, P.
Maurakirinathan, and N. Jayasuriya, “Mystiko—blockchain meets big data,” 2018 IEEE
International Conference on Big Data (Big Data), pp. 3024–3032, Dec 2018.
[11] H. Tewari, A. Hughes, S. Weber, and T. Barry, “X509Cloud — Framework for a
ubiquitous PKI,” MILCOM 2017 - 2017 IEEE Military Communications Conference
(MILCOM), pp. 225–230, 2017.
[12] E. Karaarslan and E. Adiguzel, “Blockchain Based DNS and PKI Solutions,” IEEE
Communications Standards Magazine, vol. 2, no. 3, pp. 52–57, sep 2018.
[13] L. Axon and M. Goldsmith, “PB-PKI: a Privacy-Aware Blockchain-Based PKI,”
Proceedings of the 14th International Joint Conference on e-Business and
Telecommunications (ICETE 2017), vol. 4, pp. 311–318, 2017.
[14] J. Won, A. Singla, E. Bertino, and G. Bollella, “Decentralized Public Key
Infrastructure for Internet-of-Things,” MILCOM 2018 - 2018 IEEE Military
Communications Conference (MILCOM), pp. 907–913, oct 2018.
[15] B. Shahzad and J. Crowcroft, “Trustworthy Electronic Voting Using Adjusted
Blockchain Technology,” IEEE Access, vol. 7, pp. 24 477–24 488, 2019.
[16] L. Carr, A. J. Newtson, and J. Joshi, “Towards Modernizing the Future of
American Voting,” 2018 IEEE 4th International Conference on Collaboration and
Internet Computing (CIC), pp. 130–135, oct 2018.
[17] R. Hanifatunnisa and B. Rahardjo, “Blockchain based e-voting recording system
design,” 2017 11th International Conference on Telecommunication Systems Services
and Applications (TSSA), pp. 1–6, oct 2017.
[18] C. G. Harris, “The risks and dangers of relying on blockchain technology in
underdeveloped countries,” NOMS - IEEE/IFIP Network Operations and Management
Symposium, pp. 1–4, apr 2018.
[19] Y. Liu, Y. Wang, and G. Chang, “Efficient Privacy-Preserving Dual
Authentication and Key Agreement Scheme for Secure V2V Communications in an IoV
Paradigm,” IEEE Transactions on Intelligent Transportation Systems, vol. 18, no.
10, pp. 2740–2749, oct 2017.
[20] J. Choi and S. Jung, “A Security Framework with Strong Non-Repudiation and
Privacy in VANETs,” 2009 6th IEEE Consumer Communications and Networking
Conference, pp. 1–5, jan 2009.
[21] W.-T. Zhu and J. Lin, “Generating Correlated Digital Certificates: Framework
and Applications,” IEEE Transactions on Information Forensics and Security, vol.
11, no. 6, pp. 1117–1127, jun 2016.
[22] C. Sun, J. Liu, Y. Jie, Y. Ma, and J. Ma, “Ridra: A Rigorous Decentralized
Randomized Authentication in VANETs,” IEEE Access, vol. 6, pp. 1–1, 2018.
[23] J. Li, H. Lu, and M. Guizani, “ACPN: A Novel Authentication Framework with
Conditional Privacy-Preservation and Non-Repudiation for VANETs,” IEEE
Transactions on Parallel and Distributed Systems, vol. 26, no. 4, pp. 938–948, apr
2015.
[24] C. Caballero-Gil, J. Molina-Gil, P. Caballero-Gil, F. Martín-Fernández, and
D. Yanes-García, “Introducing secure and self-organized vehicular ad-hoc
networks,” Proceedings of the 12th International Conference on Computer Systems and
Technologies - CompSysTech ’11, pp. 454–459, 2011.
[25] A.-R. Sadeghi, C. Wachsmann, and M. Waidner, “Security and privacy challenges
in industrial internet of things,” Proceedings of the 52nd Annual Design Automation
Conference on - DAC ’15, vol. 17, pp. 1–6, 2015.
[26] I. Tomić, P.-Y. Chen, M. J. Breza, and J. A. McCann, “Antilizer: Run Time
Self-Healing Security for Wireless Sensor Networks,” Proceedings of the 15th EAI
International Conference on Mobile and Ubiquitous Systems: Computing, Networking
and Services - MobiQuitous ’18, pp. 107–116, 2018.
[27] R. Makhloufi, G. Doyen, G. Bonnet, and D. Gaïti, “Towards self-adaptive
management frameworks: The case of aggregated information monitoring,” 2011 7th
International Conference on Network and Service Management, CNSM 2011, pp. 474–478,
2011.
[28] M. O. Ozmen and A. A. Yavuz, “Low-Cost Standard Public Key Cryptography
Services for Wireless IoT Systems,” Proceedings of the 2017 Workshop on Internet of
Things Security and Privacy - IoTS&P ’17, pp. 65–70, 2017.
[29] K. Han and S. O. Hwang, “A PKI without TTP based on conditional trust in
blockchain,” Neural Computing and Applications, vol. 6, aug 2019.
[30] Z. Wan, Z. Guan, F. Zhuo, and H. Xian, “BKI: Towards Accountable and
Decentralized Public-Key Infrastructure with Blockchain,” Lecture Notes of the
Institute for Computer Sciences, Social-Informatics and Telecommunications
Engineering, LNICST, vol. 238, pp. 644–658, 2018.
[31] C. Patsonakis, K. Samari, M. Roussopoulos, and A. Kiayias, “Towards a smart
contract-based, decentralized, public-key infrastructure,” International Conference
on Cryptology and Network Security, pp. 299–321, 2017.
[32] P. Boontaetae, A. Sangpetch, and O. Sangpetch, “RDI: Real Digital Identity
Based on Decentralized PKI,” 2018 22nd International Computer Science and
Engineering Conference (ICSEC), pp. 1–6, nov 2018.
[33] J. Chen, S. Yao, Q. Yuan, K. He, S. Ji, and R. Du, “CertChain: Public and
Efficient Certificate Audit Based on Blockchain for TLS Connections,” IEEE INFOCOM
2018 - IEEE Conference on Computer Communications, pp. 2060–2068, apr 2018.
[34] A. Sonnino and G. Sonnino, “Elliptic-Curves Cryptography on High-Dimensional
Surfaces,” International Journal of Advanced Engineering Research and Science, vol.
4, no. 2, pp. 140–146, 2017.
[35] D. Maldonado-Ruiz, E. Loza-Aguirre, and J. Torres, “A Proposal for an Improved
Distributed Architecture for OpenPGP’s Web of Trust,” 2018 International Conference
on Computational Science and Computational Intelligence (CSCI), pp. 77–81, dec
2018.
