Today server authentication is largely handled through Public Key
Infrastructure (PKI) in both the private and the public sector. PKI is
established as the defacto standard for Internet communication through the
world wide web, and its usage in HTTPS, SSL/TLS (Web PKI). However, in
its application to Internet of Things (IoT) devices, using Web PKI
infrastructure for server authentication has several shortcomings, including
issues with validity periods, identity, revocation practice, and governance.
Recently, di erent approaches to decentralized PKI (DPKI) using
Blockchain technology have been proposed, but so far have lacked
practicality in their application to devices commonly used in IoT
deployments. The approaches are too resource intensive for IoT devices to
handle and even the “light client” protocols have not been resource e cient
enough to be practical. We present BlockQuick, a novel protocol for a
super-light client, which features reading blockchain data securely from a
remote client. BlockQuick requires less data for validation than existing
approaches, like PoPoW or FlyClient, while also providing e ective means to
protect against eclipse and MITM attacks on the network. BlockQuick
clients have low kilobyte RAM requirements, which are optimal for IoT
devices and applications with embedded MCUs.