Skip to main content
SpringerLink
Log in
Book cover

International Conference on Financial Cryptography and Data Security

FC 2018: Financial Cryptography and Data Security pp 144–162Cite as

Blockchain-Based Certificate Transparency and Revocation Transparency

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10958))

Abstract

Traditional X.509 public key infrastructures (PKIs) depend on certification authorities (CAs) to sign certificates, used in SSL/TLS to authenticate web servers and establish secure channels. However, recent security incidents indicate that CAs may (be compromised to) sign fraudulent certificates. In this paper, we propose blockchain-based certificate transparency and revocation transparency. Our scheme is compatible with X.509 PKIs but significantly reinforces the security guarantees of a certificate. The CA-signed certificates and their revocation status information of an SSL/TLS web server are published by the subject (i.e., the web server) as a transaction, and miners of the community append it to the global certificate blockchain after verifying the transaction and mining a block. The certificate blockchain acts as append-only public logs to monitor CAs’ certificate signing and revocation operations, and an SSL/TLS web server is granted with the cooperative control on its certificates to balance the absolute authority of CAs in traditional PKIs. We implement the prototype system with Firefox and Nginx, and the experimental results show that it introduces reasonable overheads.

This work was partially supported by National Basic Research 973 Program of China (Award No. 2014CB340603), National Natural Science Foundation of China (Award No. 61772518), and Cyber Security Program (Award No. 2017YFB0802100) of National Key RD Plan of China.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    We visited the Alexa top-50 websites, and observed 29 unique certificate chains for these websites (averagely 4.05 KB), each of which is composed of three certificates. We collected OCSP responses (averagely 1.60 KB) for these certificates, and the distribution of the validity periods is: 17 are 7-day, 9 are 4-day, 2 are 1.5-day, and 1 is 5-day.

References

  1. Abadi, M., Birrell, A., Mironov, I., Wobber, T., Xie, Y.: Global authentication in an untrustworthy world. In: 14th USENIX Conference on Hot Topics in Operating Systems (HotOS) (2013)

    Google Scholar 

  2. Alexa: Alexa Top 1M Websites (2017). http://s3.amazonaws.com/alexa-static/top-1m.csv.zip

  3. Alicherry, M., Keromytis, A.: Doublecheck: multi-path verification against man-in-the-middle attacks. In: 14th IEEE Symposium on Computers and Communications (ISCC), pp. 557–563 (2009)

    Google Scholar 

  4. Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: DNS Security Introduction and Requirements. Technical report, IETF RFC 4033 (2005)

    Google Scholar 

  5. Arthur, C.: Rogue Web Certificate Could Have Been Used to Attack Iran Dissidents, August 2011. https://iranian.com/main/news/2011/08/30/rogue-web-certificate-could-have-been-used-attack-iran-dissidents.html

  6. Ateniese, G., Mangard, S.: A new approach to DNS security (DNSSEC). In: 8th ACM Conference on Computer and Communications Security (CCS), pp. 86–95 (2001)

    Google Scholar 

  7. Basin, D., Cremers, C., Kim, H., Perrig, A., Sasse, R., Szalachowski, P.: ARPKI: attack resilient public-key infrastructure. In: 21st ACM Conference on Computer and Communications Security (CCS), pp. 382–393 (2014)

    Google Scholar 

  8. bitcoin.org: Bitcoin Developer Guide (2016). https://bitcoin.org/en/developer-guide

  9. Braun, J., Volk, F., Classen, J., Buchmann, J., Mühlhäuser, M.: CA trust management for the web PKI. J. Comput. Secur. 22(6), 913–959 (2014)

    Article  Google Scholar 

  10. Clark, J., van Oorschot, P.: SoK: SSL and HTTPS: revisiting past challenges and evaluating certificate trust model enhancements. In: 34th IEEE Symposium on Security and Privacy (S&P), pp. 511–525 (2013)

    Google Scholar 

  11. Comodo Group Inc.: Comodo Report of Incident, March 2011. https://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html

  12. Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. Technical report, IETF RFC 5280 (2008)

    Google Scholar 

  13. Dacosta, I., Ahamad, M., Traynor, P.: Trust no one else: detecting MITM attacks against SSL/TLS without third-parties. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 199–216. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33167-1_12

    Chapter  Google Scholar 

  14. Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol. Technical report, IETF RFC 5246 (2008)

    Google Scholar 

  15. Eckersley, P.: A Syrian Man-in-the-Middle Attack against Facebook, May 2011. https://www.eff.org/deeplinks/2011/05/syrian-man-middle-against-facebook

  16. Eckersley, P.: Sovereign Key Cryptography for Internet Domains. Technical report, IETF Internet-draft (2012)

    Google Scholar 

  17. Eckersley, P., Burns, J.: Is the SSLiverse a Safe Place, December 2010. https://events.ccc.de/congress/2010/Fahrplan/events/4121.en.html

  18. Engert, K.: DetecTor, September 2013. http://www.detector.io/DetecTor.pdf

  19. Evans, C., Palmer, C., Sleevi, R.: Public Key Pinning Extension for HTTP. Technical report, IETF RFC 7469 (2015)

    Google Scholar 

  20. Eyal, I., Sirer, E.G.: Majority Is Not Enough: Bitcoin Mining Is Vulnerable, pp. 436–454 (2013)

    Google Scholar 

  21. Freier, A., Karlton, P., Kocher, P.: The Secure Sockets Layer (SSL) Protocol Version 3.0 (2011)

    Google Scholar 

  22. Fromknecht, C., Velicanu, D., Yakoubov, S.: A Decentralized Public Key Infrastructure with Identity Retention (2014). https://eprint.iacr.org/2014/803.pdf

  23. Fromknecht, C., Velicanu, D., Yakoubov, S.: CertCoin: A NameCoin Based Decentralized Authentication System, Massachusetts Institute of Technology, MA, USA (2014). http://courses.csail.mit.edu/6.857/2014/files/19-fromknecht-velicann-yakoubov-certcoin.pdf

  24. GlobalSign: Security Incident Report (2011). https://www.globalsign.com/resources/globalsign-security-incident-report.pdf

  25. Grant, A.: Search for Trust: An Analysis and Comparison of CA System Alternatives and Enhancements. Technical report, Dartmouth Computer Science, Technical Report TR2012-716 (2012)

    Google Scholar 

  26. Hallam-Baker, P., Stradling, R.: DNS Certification Authority Authorization (CAA) Resource Record. Technical report, IETF RFC 6844 (2013)

    Google Scholar 

  27. Hoffman, P., Schlyter, J.: The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA. Technical report, IETF RFC 6698 (2012)

    Google Scholar 

  28. Holz, R., Riedmaier, T., Kammenhuber, N., Carle, G.: X.509 forensics: detecting and localising the SSL/TLS men-in-the-middle. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 217–234. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33167-1_13

    Chapter  Google Scholar 

  29. ICSI: The ICSI Certificate Notary (2011). https://notary.icsi.berkeley.edu/

  30. Kasten, J., Wustrow, E., Halderman, J.A.: CAge: taming certificate authorities by inferring restricted scopes. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 329–337. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_28

    Chapter  Google Scholar 

  31. Kim, T., Huang, L., Perrig, A., Jackson, C., Gligor, V.: Accountable key infrastructure (AKI): a proposal for a public-key validation infrastructure. In: 22nd International Conference on World Wide Web (WWW), pp. 679–690 (2013)

    Google Scholar 

  32. Langley, A.: Public Key Pinning, May 2011. https://www.imperialviolet.org/2011/05/04/pinning.html

  33. Langley, A.: Further Improving Digital Certificate Security, December 2013. https://security.googleblog.com/2013/12/further-improving-digital-certificate.html

  34. Laurie, B., Kasper, E.: Revocation Transparency (2012). http://sump2.links.org/files/RevocationTransparency.pdf

  35. Laurie, B., Langley, A., Kasper, E., Google: Certificate Transparency. Technical report, IETF RFC 6962 (2014)

    Google Scholar 

  36. Lewison, K., Coralla, F.: Backing Rich Credentials with a Blockchain PKI (2016). http://pomcor.com/techreports/BlockchainPKI.pdf

  37. Liu, Y., Tome, W., Zhang, L., Choffnes, D., et al.: An end-to-end measurement of certificate revocation in the web’s PKI. In: 15th Internet Measurement Conference (IMC), pp. 183–196 (2015)

    Google Scholar 

  38. Marlinspike, M.: Convergence, September 2011. https://github.com/moxie0/Convergence

  39. Marlinspike, M.: Trust Assertions for Certificate Keys. Technical report, IETF Internet-draft (2013)

    Google Scholar 

  40. Matsumoto, S., Reischuk, R.: IKP: turning a PKI around with decentralized automated incentives. In: 38th IEEE Symposium on Security and Privacy (S&P) (2017)

    Google Scholar 

  41. Melara, M., Blankstein, A., Bonneau, J., Felten, E., Freedman, M.: CONIKS: bringing key transparency to end users. In: 24th USENIX Conference on Security Symposium, pp. 383–398 (2015)

    Google Scholar 

  42. Micheloni, A., Fuchs, K., Herrmann, D., Federrath, H.: Laribus: privacy-preserving detection of fake SSL certificates with a social P2P notary network. In: 8th International Conference on Availability, Reliability and Security (ARES), pp. 1–10 (2013)

    Google Scholar 

  43. University of Michigan. Censys, April 2016. https://censys.io/

  44. Microsoft: MS01-017: Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard, March 2001. https://technet.microsoft.com/library/security/ms01-017

  45. Morton, B.: Public Announcements Concerning the Security Advisory, January 2013. https://www.entrust.com/turktrust-unauthorized-ca-certificates

  46. Morton, B.: More Google Fraudulent Certificates, July 2014. https://www.entrust.com/google-fraudulent-certificates/

  47. Muneeb, A., Jude, N., Ryan, S., Michael, J.: Blockstack: a global naming and storage system secured by blockchains. In: 2016 USENIX Annual Technical Conference, pp. 181–194 (2016)

    Google Scholar 

  48. Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2008). https://bitcoin.org/bitcoin.pdf

  49. Namecoin Team: Namecoin (2011). https://www.namecoin.org/

  50. PSYC: Certificate Patrol (2014). http://patrol.psyced.org/

  51. Ryan, M.: Enhanced certificate transparency and end-to-end encrypted mail. In: 21st ISOC Network and Distributed System Security Symposium (NDSS) (2014)

    Google Scholar 

  52. Soghoian, C., Stamm, S.: Certified lies: detecting and defeating government interception attacks against SSL (Short Paper). In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 250–259. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27576-0_20

    Chapter  Google Scholar 

  53. Sotirov, A., Stevens, M.: MD5 Considered Harmful Today, December 2008. http://www.win.tue.nl/hashclash/rogue-ca/

  54. SSL Shopper: SSL Certificate for Mozilla.com Issued Without Validation, December 2008. https://www.sslshopper.com/article-ssl-certificate-for-mozilla.com-issued-without-validation.html

  55. Start Commercial (StartCom) Limited: Critical Event Report, December 2008. https://blog.startcom.org/wp-content/uploads/2009/01/ciritical-event-report-12-20-2008.pdf

  56. Szalachowski, P., Matsumoto, S., Perrig, A.: PoliCert: secure and flexible TLS certificate management. In: 21st ACM Conference on Computer and Communications Security (CCS), pp. 406–417 (2014)

    Google Scholar 

  57. Vandersloot, B., Amann, J., Bernhard, M., Durumeric, Z., et al.: Towards a complete view of the certificate ecosystem. In: 16th Internet Measurement Conference (IMC), pp. 543–549 (2016)

    Google Scholar 

  58. VASCO Data Security International Inc.: DigiNotar Reports Security Incident, August 2011. https://www.vasco.com/about-vasco/press/2011/news _diginotar _reports _security _incident.html

  59. Wendlandt, D., Andersen, D., Perrig, A.: Perspectives: improving SSH-style host authentication with multi-path probing. In: 2008 USENIX Annual Technical Conference, pp. 321–334 (2008)

    Google Scholar 

  60. Wikipedia: Flame(malware), March 2017. https://en.wikipedia.org/wiki/Flame_(malware)

  61. Wilson, K.: Distrusting New CNNIC Certificates, April 2015. https://blog.mozilla.org/security/2015/04/02/distrusting-new-cnnic-certificates/

  62. Zusman, M.: Criminal Charges Are Not Pursued: Hacking PKI (2009). https://defcon.org/images/defcon-17/dc-17-presentations/defcon-17-zusman-hacking_pki.pdf

Download references

Author information

Authors and Affiliations

  1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China

    Ze Wang, Jingqiang Lin, Quanwei Cai, Qiongxiao Wang, Jiwu Jing & Daren Zha

  2. Data Assurance and Communication Security Research Center, Chinese Academy of Sciences, Beijing, 100093, China

    Ze Wang, Jingqiang Lin, Quanwei Cai, Qiongxiao Wang, Jiwu Jing & Daren Zha

  3. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100049, China

    Ze Wang, Jingqiang Lin, Qiongxiao Wang & Jiwu Jing

Authors
  1. Ze Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jingqiang Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Quanwei Cai
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Qiongxiao Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jiwu Jing
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Daren Zha
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jingqiang Lin .

Editor information

Editors and Affiliations

  1. Hebrew University, Jerusalem, Israel

    Aviv Zohar

  2. Technion – Israel Institute of Technology, Haifa, Israel

    Ittay Eyal

  3. University of Melbourne, Parkville, VIC, Australia

    Vanessa Teague

  4. Concordia University, Beaconsfield, QC, Canada

    Jeremy Clark

  5. Computer Science and Mathematics, Stirling University, Stirling, UK

    Andrea Bracciali

  6. Mathematical Institute, University of Oxford, Oxford, UK

    Federico Pintore

  7. Department of Mathematics, University of Trento, Trento, Italy

    Massimiliano Sala

A Parameters Selection

A Parameters Selection

The time interval between two adjacent blocks (denoted as \(T_B\)) determines how soon a certificate will be accepted by browsers after it has been included in the blockchain. It is reasonable for a web server to require its published certificates to be accepted within 24 h, i.e., \(N \times T_B < 1,440\) min. On the other hand, a smaller \(T_{B}\) enforces the web server to watch for fraudulent certificates in the blockchain more frequently, and take countermeasures more quickly. Accordingly, we set \(T_B = 120\) min as a typical value and let \(N=6\) (the same as the requirement in Bitcoin). In order to keep the block mining stable, the community adjusts the PoW target of the blockchain periodically.

The validity period of Type-I transactions (denote as \(T_{I}\)) is chosen to provide moderate revocation transparency. First, only when a transaction has been included in a fully-confirmed block (not in the latest N ones of the blockchain), the contained certificates are considered as valid by browsers. So, \(T_{I} \gg (N+1) \times T_B\); otherwise, it is never accepted by browsers before it expires. Meanwhile, \(T_I\) shall be not significantly greater than the general revocation status update period, to enforce the web servers to update their transactions in a timely manner. So we require that \(T_{I} \le 10 \times T_{Revoke}\), where \(T_{Revoke}\) is the revocation status update period. For more than 95% of CRL files, \(T_{Revoke}\) is not larger than 1 day. OCSP provides timely revocation status services, but the validity period of OCSP responses is typically 4 or 7 days.Footnote 1 Thus, we set \(T_I = 14,400\) min (or 10 days) in the prototype.

\(T_{II}\) determines the frequency of shadow Type-II transactions. We set \(T_{II} = 10\times T_{I}\) (i.e., 100 days).

Rights and permissions

Reprints and permissions

Copyright information

© 2019 International Financial Cryptography Association

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Wang, Z., Lin, J., Cai, Q., Wang, Q., Jing, J., Zha, D. (2019). Blockchain-Based Certificate Transparency and Revocation Transparency. In: Zohar, A., et al. Financial Cryptography and Data Security. FC 2018. Lecture Notes in Computer Science(), vol 10958. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-58820-8_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-58820-8_11

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-58819-2

  • Online ISBN: 978-3-662-58820-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation