PADVA: A Blockchain-Based TLS Notary Service
The TLS protocol is a de facto standard of secure client-server communication on the Internet. Unfortunately, the public-key infrastructure (PKI) deployed by TLS is a weakest-link system introducing hundreds of links (i.e., trusted entities). Consequently, an adversary compromising a single trusted...
Saved in:
| Published in: | 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS) pp. 836 - 843 |
|---|---|
| Main Author: | |
| Format: | Conference Proceeding |
| Language: | English |
| Published: |
IEEE
01.12.2019
|
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Abstract | The TLS protocol is a de facto standard of secure client-server communication on the Internet. Unfortunately, the public-key infrastructure (PKI) deployed by TLS is a weakest-link system introducing hundreds of links (i.e., trusted entities). Consequently, an adversary compromising a single trusted entity can impersonate any website. Notary systems, based on multi-path probing, were early and promising proposals to detect and prevent such attacks. Unfortunately, despite their benefits, they are not widely deployed, mainly due to their long-standing unresolved problems. In this paper, we present Persistent and Accountable Domain Validation (PADVA), which is a next-generation blockchain-based TLS notary service. PADVA keeps notaries auditable and accountable, introduces service-level agreements and mechanisms to enforce them, relaxes availability requirements for notaries, and works with the legacy TLS ecosystem. We implemented and evaluated PADVA, and our experiments indicate its efficiency and deployability. |
|---|---|
| AbstractList | The TLS protocol is a de facto standard of secure client-server communication on the Internet. Unfortunately, the public-key infrastructure (PKI) deployed by TLS is a weakest-link system introducing hundreds of links (i.e., trusted entities). Consequently, an adversary compromising a single trusted entity can impersonate any website. Notary systems, based on multi-path probing, were early and promising proposals to detect and prevent such attacks. Unfortunately, despite their benefits, they are not widely deployed, mainly due to their long-standing unresolved problems. In this paper, we present Persistent and Accountable Domain Validation (PADVA), which is a next-generation blockchain-based TLS notary service. PADVA keeps notaries auditable and accountable, introduces service-level agreements and mechanisms to enforce them, relaxes availability requirements for notaries, and works with the legacy TLS ecosystem. We implemented and evaluated PADVA, and our experiments indicate its efficiency and deployability. |
| Author | Szalachowski, Pawel |
| Author_xml | – sequence: 1 givenname: Pawel surname: Szalachowski fullname: Szalachowski, Pawel organization: SUTD |
| BookMark | eNotjs1KxDAURiPoQsd5AkHyALbmJk1u4q5T_waKCh3dDmlyg8Gxlc4g-PYWdPVtDud8Z-x4GAdi7BJECSDc9bp5qW-7Ci2aUgpwpRAgqyO2dGgBpQWprYJTdjVjb_UNr_lqN4aP8O7zUKz8niLftB1_Gg9--uEdTd850Dk7SX63p-X_Ltjr_d2meSza54d1U7dFlkIdCsRkrFdWkQmxSlHq2MswB2WfhO2rRNEYbTwq8g7Jg3YiGhGCUxqRglqwiz9vJqLt15Q_5xNb61BbAPULlqM-5A |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/ICPADS47876.2019.00124 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781728125831 1728125839 |
| EndPage | 843 |
| ExternalDocumentID | 8975811 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i203t-77f68a383e6cd4fd25db2c2582bf08b4fed6656a73ea97ea1590d60cc93577ec3 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 13 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000530854900115&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Aug 27 07:38:00 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i203t-77f68a383e6cd4fd25db2c2582bf08b4fed6656a73ea97ea1590d60cc93577ec3 |
| PageCount | 8 |
| ParticipantIDs | ieee_primary_8975811 |
| PublicationCentury | 2000 |
| PublicationDate | 2019-Dec |
| PublicationDateYYYYMMDD | 2019-12-01 |
| PublicationDate_xml | – month: 12 year: 2019 text: 2019-Dec |
| PublicationDecade | 2010 |
| PublicationTitle | 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS) |
| PublicationTitleAbbrev | PADSW |
| PublicationYear | 2019 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 2.2046425 |
| Snippet | The TLS protocol is a de facto standard of secure client-server communication on the Internet. Unfortunately, the public-key infrastructure (PKI) deployed by... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 836 |
| SubjectTerms | blockchain Blockchains certificate Ecosystems Internet Monitoring Next generation networking Proposals Public key Servers Smart contracts tls tls notary |
| Title | PADVA: A Blockchain-Based TLS Notary Service |
| URI | https://ieeexplore.ieee.org/document/8975811 |
| WOSCitedRecordID | wos000530854900115&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LSwMxEB5q8eBJpRXf5OCxa3c3m5e3tloUpCy0Sm8lTyzCttSt4L832V2qBy9eQshlmITwfZPMNwNwI5SzijvP3LQffABBI8WViGLHBDNZ-Jipm02wyYTP5yJvQW-nhbHWVsln9jZMq798s9Lb8FTW58Kz2yDk3WOM1VqtRvSbxKL_NMoH99NQbCakHiRVHcogZP_VNaUCjfHh_8wdQfdHfYfyHa4cQ8sWHeh5q6-DOzRAQw8_7_rNR_TR0EOQQbPnKZqsSrn5Qs3N78LL-GE2eoyaTgfRMo1x6Smuo1z6YNFSbTJnUmJUqlPCU-VirjJnDfXESzJspWBWeg4SGxprLTBhzGp8Au1iVdhTQCSj1LFEKI_TmUyMEpnGDBOpmCEEkzPoBE8X67qYxaJx8vzv5Qs4CFtZ529cQrvcbO0V7OvPcvmxua5O4BukDoZW |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LSwMxEA6lCnpSacW3OXjs2t3N21tbLS3WpdAqvZU8sQit1K3gvzfZXaoHL15CyGWYhPB9k8w3A8CNUM4q7jxz037wAQSNFFciih0TzODwMVM2m2BZxmczMa6B1lYLY60tks_sbZgWf_lmpTfhqazNhWe3Qci7QzBOk1KtVcl-k1i0h71x534Sys2E5IOkqEQZpOy_-qYUsNE_-J_BQ9D80d_B8RZZjkDNLhug5a2-dO5gB3Y9AL3pVx_TR10PQgZORxOYrXK5_oLV3W-C5_7DtDeIql4H0SKNUe5JrqNc-nDRUm2wMykxKtUp4alyMVfYWUM99ZIMWSmYlZ6FxIbGWgtEGLMaHYP6crW0JwASTKljiVAeqbFMjBJYI4aIVMwQgsgpaARP5-9lOYt55eTZ38vXYG8wfRrNR8Ps8Rzsh20tszkuQD1fb-wl2NWf-eJjfVWcxjfWsYmd |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2019+IEEE+25th+International+Conference+on+Parallel+and+Distributed+Systems+%28ICPADS%29&rft.atitle=PADVA%3A+A+Blockchain-Based+TLS+Notary+Service&rft.au=Szalachowski%2C+Pawel&rft.date=2019-12-01&rft.pub=IEEE&rft.spage=836&rft.epage=843&rft_id=info:doi/10.1109%2FICPADS47876.2019.00124&rft.externalDocID=8975811 |