Paper 2018/1232

Certificate Transparency Using Blockchain

D S V Madala, Mahabir Prasad Jhanwar, and Anupam Chattopadhyay


The security of web communication via the SSL/TLS protocols relies on safe distributions of public keys associated with web domains in the form of $\mathsf{X.509}$ certificates. Certificate authorities (CAs) are trusted third parties that issue these certificates. However, the CA ecosystem is fragile and prone to compromises. Starting with Google's Certificate Transparency project, a number of research works have recently looked at adding transparency for better CA accountability, effectively through public logs of all certificates issued by certification authorities, to augment the current $\mathsf{X.509}$ certificate validation process into SSL/TLS. In this paper, leveraging recent progress in blockchain technology, we propose a novel system, called $\mathsf{CTB} $, that makes it impossible for a CA to issue a certificate for a domain without obtaining consent from the domain owner. We further make progress to equip $\mathsf{CTB}$ with certificate revocation mechanism. We implement $\mathsf{CTB}$ using IBM's Hyperledger Fabric blockchain platform. $\mathsf{CTB}$'s smart contract, written in Go, is provided for complete reference.

Available format(s)
Publication info
Published elsewhere. BlockSEA 2018 The 1st Workshop on Blockchain and Sharing Economy Applications
Contact author(s)
mahavir jhawar @ ashoka edu in
2018-12-31: received
Short URL
Creative Commons Attribution


      author = {D S V  Madala and Mahabir Prasad Jhanwar and Anupam Chattopadhyay},
      title = {Certificate Transparency Using Blockchain},
      howpublished = {Cryptology ePrint Archive, Paper 2018/1232},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.