Enabling self-verifiable mutable content items in IPFS using Decentralized Identifiers

by   Nikos Fotiou, et al.

In IPFS content identifiers are constructed based on the item's data therefore the binding between an item's identifier and its data can be deterministically verified. Nevertheless, once an item is modified, its identifier also changes. Therefore when it comes to mutable content there is a need for keeping track of the "latest" IPFS identifier. This is achieved using naming protocols on top of IPFS, such as IPNS and DNSlink, that map a constant name to an IPFS identifier, allowing at the same time content owners to update these mappings. Nevertheless, IPNS relies on a cryptographic key pair that cannot be rotated, and DNSlink does not provide content authenticity protection. In this paper, we propose a naming protocol that combines DNSlink and decentralized identifiers to enable self-verifiable content items. Our protocol provides content authenticity without imposing any security requirement to DNSlink. Furthermore, our protocol prevent fake content even if attackers have access to the DNS server of the content owner or have access to the content owner secret keys. Our proof of concept implementation shows that our protocol is feasible and can be used with existing IPFS tools.



page 1

page 2

page 3

page 4


Exploring Widevine for Fun and Profit

For years, Digital Right Management (DRM) systems have been used as the ...

Clustering via Content-Augmented Stochastic Blockmodels

Much of the data being created on the web contains interactions between ...

Towards Decentralized IoT Updates Delivery Leveraging Blockchain and Zero-Knowledge Proofs

We propose CrowdPatching, a blockchain-based decentralized protocol, all...

Collusion Attacks on Decentralized Attributed-Based Encryption: Analyses and a Solution

Attribute-based Encryption (ABE) is an information centric security solu...

Short-Lived Forward-Secure Delegation for TLS

On today's Internet, combining the end-to-end security of TLS with Conte...

Enrich-by-need Protocol Analysis for Diffie-Hellman (Extended Version)

Enrich-by-need protocol analysis is a style of symbolic protocol analysi...

Exploiting Partial Order of Keys to Verify Security of a Vehicular Group Protocol

Vehicular networks will enable a range of novel applications to enhance ...

Code Repositories


did:self method specification

view repo
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.