Enhanced TLS Handshake Authentication with Blockchain and Smart Contract (Short Paper)

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 10418)

Abstract

Transport Layer Security (TLS) is the main standard designed for secure connections over the Internet. The security of TLS connections against active Man-in-the-Middle attacks relies on correctly validating public-key certificates during TLS handshake authentication. Although Certificate Transparency (CT) and IKP, a further improved CT system, have mitigated certificate authentication issues from the perspective of monitoring CA misbehavior, less attention has been paid to the misbehavior of domains in using certificates during TLS handshake authentication. One case of misuse is that domains refuse to use the certificates in the Certificate Transparency Log for their own profit; the other is that a malicious domain impersonates the real one to deceive clients. To defend against domains' misbehavior in using certificates, we propose the ETDA system, based on IKP and CT, which aims to enhance the security of the TLS protocol from a novel perspective. ETDA is a blockchain-based system that enforces automatic punishments in response to domain misbehavior and compensation to the client during TLS handshake authentication. The decentralized nature and incentive mechanism of ETDA provide an effective approach to prevent domains from sending invalid certificates to clients. We implement this system through the Ethereum platform and Game Theory, and it proved to be both technically and economically feasible.

This work was supported by the National Key Research and Development Program of China, No. 2016YFB0800503.

Corresponding author

Correspondence to Dongyao Ji.

© 2017 Springer International Publishing AG

Cite this paper

Xia, B., Ji, D., Yao, G. (2017). Enhanced TLS Handshake Authentication with Blockchain and Smart Contract (Short Paper). In: Obana, S., Chida, K. (eds) Advances in Information and Computer Security. IWSEC 2017. Lecture Notes in Computer Science, vol 10418. Springer, Cham. https://doi.org/10.1007/978-3-319-64200-0_4

  • DOI: https://doi.org/10.1007/978-3-319-64200-0_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-64199-7

  • Online ISBN: 978-3-319-64200-0

  • eBook Packages: Computer Science, Computer Science (R0)