On the security of the Blockchain Bix Protocol and Certificates

The BIX protocol is a blockchain-based protocol that allows distribution of certificates linking a subject with his public key, hence providing a service similar to that of a PKI but without the need of a CA. In this paper we analyze the security of the BIX protocol in a formal way, in four steps. First, we identify formal security assumptions which are well-suited to this protocol. Second, we present some attack scenarios against the BIX protocol. Third, we provide a formal security proof that some of these attacks are not feasible under our previously established assumptions. Finally, we show how another attack may be carried on.