Paper 2018/1232
Certificate Transparency Using Blockchain
D S V Madala, Mahabir Prasad Jhanwar, and Anupam Chattopadhyay
Abstract
The security of web communication via the SSL/TLS protocols relies on safe distribution of public keys associated with web domains in the form of $\mathsf{X.509}$ certificates. Certificate authorities (CAs) are trusted third parties that issue these certificates. However, the CA ecosystem is fragile and prone to compromises. Starting with Google's Certificate Transparency project, a number of research works have recently looked at adding transparency for better CA accountability, effectively through public logs of all certificates issued by certification authorities, to augment the current $\mathsf{X.509}$ certificate validation process in SSL/TLS. In this paper, leveraging recent progress in blockchain technology, we propose a novel system, called $\mathsf{CTB}$, that makes it impossible for a CA to issue a certificate for a domain without obtaining consent from the domain owner. We further make progress to equip $\mathsf{CTB}$ with a certificate revocation mechanism. We implement $\mathsf{CTB}$ using IBM's Hyperledger Fabric blockchain platform. $\mathsf{CTB}$'s smart contract, written in Go, is provided for complete reference.
Metadata
- Category
- Applications
- Publication info
- Published elsewhere. BlockSEA 2018 The 1st Workshop on Blockchain and Sharing Economy Applications
- Keywords
- TLS, Blockchain, Hyperledger
- Contact author(s)
- mahavir jhawar @ ashoka edu in
- History
- 2018-12-31: received
- Short URL
- https://ia.cr/2018/1232
- License
- CC BY
BibTeX
@misc{cryptoeprint:2018/1232,
      author = {D S V Madala and Mahabir Prasad Jhanwar and Anupam Chattopadhyay},
      title = {Certificate Transparency Using Blockchain},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/1232},
      year = {2018},
      url = {https://eprint.iacr.org/2018/1232}
}