|
The security of web communication via the SSL/TLS protocols relies on safe distributions of public keys associated with web domains in the form of X.509 certificates. Certificate authorities (CAs) are trusted third parties that issue these X.509 certificates. However, the CA ecosystem is fragile and prone to compromises. Starting with Google's Certificate Transparency project, a number of research works have recently looked at adding transparency for better CA accountability.
Leveraging recent advances in blockchain development, we recently proposed a novel system, called CTB (Certificate Transparency using Blockchain), that makes it impossible for a CA to issue a certificate for a domain without obtaining consent from the domain owner (See https://eprint.iacr.org/2018/1232 for a copy of the paper). A proof of concept implementation of CTB is developed using Hyperledger Fabric. CTB works on top of the current certificate validation mechanism present in X.509-assisted SSL/TLS system.
CTB proposes a Hyperledger Fabric (HF) network among the member certification authorities by requiring each certificate authorities to play the role of endorsing peers and they belongs to different organisations (orgs in HF vocabulary). An organisation, representing internet browsers, is also created.
The aim of this project is to scale up the existing proof-of-concept implementation through several stages:
Learning Objectives
Setting up and managing CTB Hyperledger Fabric Network on Amazon Web Services
Relation to Hyperledger
Hyperledger Fabric, Composer
Graduate/Undergraduate student
Previous Hyperledger Fabric experience (desired, but not required)
Experience building a browser extension
Full-time (40 hours a week for 12 weeks during the summer)
Mahavir Jhawar, mahavir.jhawar@ashoka.edu.in, mahavir.jhawar@gmail.com
Deva Surya Vivek Madala, vivek.madala@ashoka.edu.in
Harsh Jain, harshjniitr@gmail.com harsh-98