PADVA: A Blockchain-Based TLS Notary Service
The TLS protocol is a de facto standard of secure client-server communication on the Internet. Unfortunately, the public-key infrastructure (PKI) deployed by TLS is a weakest-link system introducing hundreds of links (i.e., trusted entities). Consequently, an adversary compromising a single trusted...
| Published in: | 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS) pp. 836 - 843 |
|---|---|
| Main author: | Szalachowski, Pawel |
| Format: | Conference paper |
| Language: | English |
| Publication details: | IEEE, 01.12.2019 |

| Abstract | The TLS protocol is a de facto standard of secure client-server communication on the Internet. Unfortunately, the public-key infrastructure (PKI) deployed by TLS is a weakest-link system introducing hundreds of links (i.e., trusted entities). Consequently, an adversary compromising a single trusted entity can impersonate any website. Notary systems, based on multi-path probing, were early and promising proposals to detect and prevent such attacks. Unfortunately, despite their benefits, they are not widely deployed, mainly due to their long-standing unresolved problems. In this paper, we present Persistent and Accountable Domain Validation (PADVA), which is a next-generation blockchain-based TLS notary service. PADVA keeps notaries auditable and accountable, introduces service-level agreements and mechanisms to enforce them, relaxes availability requirements for notaries, and works with the legacy TLS ecosystem. We implemented and evaluated PADVA, and our experiments indicate its efficiency and deployability. |
|---|---|
| Author | Szalachowski, Pawel |
| Author_xml | – sequence: 1 givenname: Pawel surname: Szalachowski fullname: Szalachowski, Pawel organization: SUTD |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DOI | 10.1109/ICPADS47876.2019.00124 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781728125831 1728125839 |
| EndPage | 843 |
| ExternalDocumentID | 8975811 |
| Genre | orig-research |
| ISICitedReferencesCount | 13 |
| IngestDate | Wed Aug 27 07:38:00 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| PageCount | 8 |
| ParticipantIDs | ieee_primary_8975811 |
| PublicationCentury | 2000 |
| PublicationDate | 2019-Dec |
| PublicationDateYYYYMMDD | 2019-12-01 |
| PublicationDate_xml | – month: 12 year: 2019 text: 2019-Dec |
| PublicationDecade | 2010 |
| PublicationTitle | 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS) |
| PublicationTitleAbbrev | PADSW |
| PublicationYear | 2019 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 2.2046509 |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 836 |
| SubjectTerms | blockchain; Blockchains; certificate; Ecosystems; Internet; Monitoring; Next generation networking; Proposals; Public key; Servers; Smart contracts; tls; tls notary |
| Title | PADVA: A Blockchain-Based TLS Notary Service |
| URI | https://ieeexplore.ieee.org/document/8975811 |