Working to deliver such kind of solution, REMME has developed a blockchain-based public key infrastructure (PKI) to securely exchange data between browsers and servers.
REMME is built upon the proven model of Public Key Infrastructure, placed on a network of trust in the form of a native blockchain, known as REMChain. It stores hash of public key and a record of its current state, be it valid or revoked, while private keys are stored on devices such as the user’s PC, smartphone, or an IoT device. “REMME has reconsidered the foundations of PKI by adding blockchain part. We replaced the Trust-by-Authority model with Trust-by-Computation model that allowed eliminating the need for organizations to trust a certificate authority—that are common to conventional PKIs,” explains Momot.
Apart from overcoming PKI issues, REMME is developing applications that will have a wide range of real-world uses. For example, for enterprises, instead of relying on passwords, REMME offers the white label authentication solution, based on the REMME protocol. It allows customers / employees to easily login into their web applications from any of their devices or Certificate Lifecycle Management solution (CLM) - as a part of comprehensive public keys management.
However, even forward-thinking CIOs are leveraging private blockchain for real-time recording, tracking, and sharing of information within their organizations due to challenges like scalability, complexity of implementation, and volatility of cryptocurrency prices that hinder the implementation of the so-called ‘true’ public blockchain. In addition, the protection of nodes—computers that store the partial copy or replica of the decentralized ledger—from malicious software and cyber attacks is an issue that causes organizations to question the security of DLT.
REMME has reconsidered the foundations of PKI by adding blockchain part to eliminate the single point of failure and the need for organizations to trust a certificate authority—that are common to conventional PKIs
Highlighting the impact of REMME’s solution on an enterprise is their success story with a supply chain business. Initially, the enterprise was finding difficulty in authenticating the validity of records that illustrated the passage of goods and all related actions that were executed in transit. With REMME’s PKI, the company could verify the legitimacy of the records by obtaining the necessary signatures from an entity with a public key matching the one stored on the REMChain. Further, the solution automated this process by offering the manufacturer the ability to place the private keys that are required for signing inside a sensor or a cryptographic chip.
Currently, REMME is collaborating with pilot plant participants to gain an understanding of the technical requirements and valuable feedback to improve their solution to match the needs of the market. Looking ahead, the company plans to launch their mainnet along with their certificate lifecycle management system and passwordless WebAuth solution for Enterprises by Q1 2019. “The integration of these components with REMME’s current offerings will enable the company to build a closed-loop system that has the benefits of decentralization, and provide the security community with a better way to protect, share, and utilize, sensitive information,” concludes Momot.