Versions Compared

Old Version 17

changes.mady.by.user harsh jain

Saved on

compared with

New Version 18

changes.mady.by.user harsh jain

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Broader Goals for first Evaluation 
    •  Understanding CTB design (https://eprint.iacr.org/2018/1232)
    •  Running the existing proof-of-concept code for Hyperledger based CTB (HLCTB) network
    •  Building a proof-of-concept client/server application supporting HLCTB-assisted SSL/TLS connection


  • Work done

    • May 27 - June 2

      •  Meeting with Prof. mahavir jhawar - Introduction and understanding the project 
      •  Premier on using openssl for generating certificates and signing certificates by certificate authority.
      •  Read paper on CTB by mahavir jhawar: https://eprint.iacr.org/2018/1232.pdf
      •  Revisit Hyperledger key concepts: https://hyperledger-fabric.readthedocs.io/en/release-1.4/key_concepts.html
      •  Understand the structure of crypto-config folder where certificate for identity management are stored.  (WIP)
      •  Run CTB network with two CA and browser organisations. Able to add certificate and query them.
      •  Reissue certificate while the previous one is active. I have gone through the go chaincode, VerifyPKCS1v15  is at heart of reissuing certificate. But I am not able to understand what the signCert exactly is? Whether it is sign of newcertstring or newcertfile or sha256 of newcert using the current public key. 
      • openssl dgst -sha256 -sign currentCert.key -out sign.txt newCert.crt , but this produces binary output and VerifyPKCS1v15 is returning false.

      June 3 - June 9

      •  Create a github repository with POC of CTB network using hyperledger
      •  Reported issue related Wrong port number in build your first network 
        Jira
        serverHyperledger JIRA
        serverId6326cb0b-65b2-38fd-a82c-67a89277103b
        keyFAB-15602
      •  Understanding and running the basic-network, first-network and fabcar application of fabric-samples
      •  Write a blog on structure of crypto-config and how different keys are related

      June 10 - June 16

      •  Monday - Meeting with deva madala on progress till now and technical guidance
      •  Testing the HLCTB network POC written by deva madala (fabric 1.1) and understood how to connect to HLCTB network and executing the chaincode  
      •  Modifying the HLCTB network by adding CA to each org and couchDB for each peers for fabric 1.4
      •  Besides the main goal, started with switching from direct container management to orchestration of containers using kubernetes
      •  Create the project timeline and meeting regarding the same
      •  Change in existing chaincode for proper revocation of certificates

      June 17 - June 23

      •  Tuesday - meeting with Prof. mahavir jhawar regarding preparation for demo and current progress
      •  Create an application(SDK) for connecting to the network and executing chaincode functions
      •  Create a demo for server/client SSL PKI verification using HLCTB network
      •  Thursday - show the demo to deva madala
      •  Write a readme on how to run demo server/client application for testing HLCTB network
      •  Friday-  show the final step by step demo to Professor and deva madala and discussion of the second quarter plans

...

  • Broader Goals for second Evaluation 
    •  Hosting the HLCTB over cloud
    •  FireFox Extension to support HLCTB-assisted https connections 
    •  Development of an interface allowing registration of Certification Authorities to HLCTB network
  • Work Done

    • June 24 - June 30

      •  Trying to add Yeasy/blockchain-explorer:0.1.0-preview to the hlf network.
      •  Added blockchain-explorer for fabric 1.4 on the HLF CTB network for easy monitoing of the transactions and the ledger.
      •  Created a script for automatic testing of network. Using this we can generate multiple ca, domains cerificates , push them to the network, renew the certs for domains and also revoke them. It uses the CA server as a proxy.
      •  Tested for serial processing of transactions for 100 domains and 5 times renewal of certificates and revoking them in the end. The network handled that, and blocks produced had one transaction each. Achieved a processing rate of 20-30 transactions per minute.
      •  Tested for parallel processing with the same settings as serial processing. Each blocks had upto 10 transactions and achieved a processing rate of 200 transactions per minute.
      •  Create a docker image of blockchain-explorer . It has two images , one for server and other for client.

      July 1 - July 7

      •  Raised issue on `Explorer not able to connect orderer from docker.` - 
        Jira
        serverHyperledger JIRA
        serverId6326cb0b-65b2-38fd-a82c-67a89277103b
        keyBE-676
      •  Attending mentors and mentees meet call.
      •  Adding caliper to network
      •  Testing using caliper for different number of transactions and tps while changing block size and batch timeout in configtx.yaml
      •  Adding swagger interface to ca server
      •  Adding authentication to ca server
      •  Deploying whole network on cloud with blockchain-explorer, ca server and caliper
      •  Making  chrome extension

      July 7 - July 14

      •  Make firefox extension
      •  Add script for generating crypto-material and docker files for new CA organisation
      •  Adding new CA organisation to current HLCTB network(locally)
      •  Fixing queryCertificateHistory and adding creation of affiliation for orgs if not present
      •  Create pm2 process file for CA server, reports server and channel Config API.

...

  • Broader Goals for third Evaluation 
    •  Scaling up of HLCTB: Simulation of https connections to sufficiently many HLCTB-registered domains 
    •  Bench-marking HLCTB-assisted handshake overhead (on top of SSL/TLS handshake)
    •  Fine tuning of HLCTB operations for better efficiency and security


  • Work Done

    • July 15 - July 21 

      •  Monday meeting on caliper, firefox extension, CA server api and discussed further plan.
      •  Deploy network on cloud and joining new organisation to network present on different server(whole network contains of 2 server)
      •  Patching TLS certificates of orderers and peers for including IP SANs and documenting the errors faced
      •  Documenting how to add new CA organisation
      •  Create transfer_asset script for transfer TLS certificate for CA server
      •  Documenting how to connect CA server to CA organisation in HLCTB network 

      July 22 - July 28

      •  Presentation on CTB and work done
      •  Reading paper on scaling hyperledger handle order of 4 tps. 
      •  Adding demo for ctb-testing.ml using self-signed CA

      July 29 - Aug 4

      •  Meeting with mentor showing the work done and changes needed.
      •  Adding demo for hfctb.ml using lets encrypt as CA


  •  Week 10-12
  • Broader Goals for last Evaluation
    •  Prepare report explaining completed tasks
    •  Certificate revocation 
    •  Present your work done to hyperledger community
    •  Wrapping up and organising the codebase


  • Work Done

    • Aug 5 - Aug 11

      •  Meeting with mentors on created presentation and suggested changes in it for better understanding
      •  Create more interactive presentation and also a demo video
      •  Looked into certificate revocation part and studied current methods CRL, OCSP, OCSP stapling and Must-Staple   

      Aug 12 - Aug 18

      •  Attended Hyperledger internship presentation of other students
      •  Started working on report
      •  Setup a OCSP responder, webserver for handling OCSPERQUEST using ocsp npm package

      Aug 19 - Aug 25

      •  Meeting with mentors-- different ways of integrating currently available revocation models in HFCTB network
      •  Wrapping up and organizing the codebase