DeepAI AI Chat
Log In Sign Up

Hardening X.509 Certificate Issuance using Distributed Ledger Technology

04/15/2020
by   Holger Kinkelin, et al.
Technische Universität München
0

The security of cryptographic communication protocols that use X.509 certificates depends on the correctness of those certificates. This paper proposes a system that helps to ensure the correct operation of an X.509 certification authority and its registration authorities. We achieve this goal by enforcing a policy-defined, multi-party validation and authorization workflow of certificate signing requests. Besides, our system offers full accountability for this workflow for forensic purposes. As a foundation for our implementation, we leverage the distributed ledger and smart contract framework Hyperledger Fabric. Our implementation inherits the strong tamper-resistance of Fabric which strengthens the integrity of the computer processes that enforce the validation and authorization of the certificate signing request, and of the metadata collected during certificate issuance.

READ FULL TEXT

page 1

page 2

page 3

page 4

01/21/2021

Privacy-Preserving and Efficient Verification of the Outcome in Genome-Wide Association Studies

Providing provenance in scientific workflows is essential for reproducib...
10/15/2019

Towards Simplifying PKI Implementation: Client-Server based Validation of Public Key Certificates

With real-time certificate validation checking, a public-key-using syste...
05/06/2023

On the usefulness of linear types for correct nonce use enforcement during compile time

Cryptographic algorithms and protocols often need unique random numbers ...
07/15/2020

Bitcoin Trace-Net: Formal Contract Verification at Signing Time

Smart contracting protocols promise to regulate the transfer of cryptocu...
11/26/2021

Towards a Secure and Reliable IT-Ecosystem in Seaports

Digitalization in seaports dovetails the IT infrastructure of various ac...
05/31/2021

Proactive Provenance Policies for Automatic Cryptographic Data Centric Security

Data provenance analysis has been used as an assistive measure for ensur...
11/07/2017

The VACCINE Framework for Building DLP Systems

Conventional Data Leakage Prevention (DLP) systems suffer from the follo...