CPC H04L 9/0825 (2013.01) [H04L 9/0891 (2013.01); H04L 9/3242 (2013.01); H04L 9/3247 (2013.01); H04L 9/3263 (2013.01); H04L 9/50 (2022.05); H04L 2209/56 (2013.01)]
14 Claims
1. A method of authentication performed with a first lightweight node on a decentralized network that has a plurality of lightweight nodes, including at least the first lightweight node and a second lightweight node, the method comprising:
transmitting at least a first nonce to the second lightweight node;
receiving from the second lightweight node at least a public key associated with the second lightweight node, an identifier associated with a block of a blockchain in which an enrollment of the second lightweight node was recorded, an intermediate merkle tree hash associated with the second lightweight node, and a signature created with at least the first nonce and a private key associated with the second lightweight node;
determining if the block is referenced on a revocation list that identifies one or more revoked public keys, and:
(a) if the block is referenced then determining if a data merkle root stored on the revocation list for the block matches a data merkle root computed with at least the public key and the intermediate merkle tree hash; and
(b) if the two data merkle roots match then determining if a hash of the public key and a validity value indicating revocation matches a hash on the intermediate hash and responsive to a match determining that the public key is revoked and that the second lightweight node cannot be authenticated;
whereby:
if the block is not referenced on the revocation list, then determining if a data merkle root stored on the revocation list for the registered block matches a data merkle root computed with at least the public key and the intermediate merkle tree hash; and
if the block is referenced on the revocation list, determining that the public key is enrolled on the decentralized network.
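The following added example (not part of the patent text) sketches one possible reading of steps (a) and (b): the verifier recomputes the data merkle root from the presented public key and sibling hashes and compares it with the root the revocation list stores for the block. Assumptions: SHA-256, a one-byte validity value, a path of sibling hashes that generalizes the claim's single intermediate hash, and the hypothetical names `check_revocation`, `data_root` and `leaf_hash`. Signature verification over the nonce is omitted.

```python
import hashlib
import hmac

VALID, REVOKED = b"\x01", b"\x00"  # assumed one-byte encoding of the validity value

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def leaf_hash(public_key: bytes, validity: bytes) -> bytes:
    # 0x00 / 0x01 prefixes keep leaf and inner-node hashes in separate domains
    return h(b"\x00", public_key, validity)

def data_root(leaf: bytes, path: list[tuple[bytes, bool]]) -> bytes:
    """Fold sibling hashes into the leaf; each entry is (sibling, sibling_is_left)."""
    node = leaf
    for sibling, sibling_is_left in path:
        node = h(b"\x01", sibling, node) if sibling_is_left else h(b"\x01", node, sibling)
    return node

def check_revocation(public_key, block_id, path, revocation_list) -> str:
    """revocation_list maps block id -> data merkle root recorded for that block."""
    listed_root = revocation_list.get(block_id)
    if listed_root is None:
        return "block-not-listed"          # steps (a)/(b) do not apply
    for validity, verdict in ((REVOKED, "revoked"), (VALID, "not-revoked")):
        candidate = data_root(leaf_hash(public_key, validity), path)
        if hmac.compare_digest(candidate, listed_root):
            return verdict
    return "proof-mismatch"                # design choice here: fail closed

def build_demo():
    """Constructed data: block 42 holds four keys, of which key-B is revoked."""
    keys = [b"key-A", b"key-B", b"key-C", b"key-D"]
    leaves = [leaf_hash(k, REVOKED if k == b"key-B" else VALID) for k in keys]
    n01, n23 = h(b"\x01", leaves[0], leaves[1]), h(b"\x01", leaves[2], leaves[3])
    root = h(b"\x01", n01, n23)
    paths = {
        b"key-A": [(leaves[1], False), (n23, False)],
        b"key-B": [(leaves[0], True), (n23, False)],
    }
    return {42: root}, paths

if __name__ == "__main__":
    revocation_list, paths = build_demo()
    for key in (b"key-A", b"key-B"):
        print(key, check_revocation(key, 42, paths[key], revocation_list))
    print(check_revocation(b"key-X", 42, paths[b"key-A"], revocation_list))
    print(check_revocation(b"key-A", 7, paths[b"key-A"], revocation_list))
```

A proof that reproduces neither root is treated as a rejection in this sketch, so a peer cannot pass by presenting sibling hashes that belong to a different key.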