High-profile cyber attacks such as the one on DigiNotar in 2011, where a Certificate Authority (CA) was compromised, have shed light on the vulnerabilities of the internet. In order to make the internet safer in terms of exposing fraudulent certificates, Certificate Transparency (CT) was introduced. The main idea is to append all certificates to a publicly visible log, which anyone can monitor to check for suspicious activity. Although this is a great initiative for needing to rely less on CAs, the logs are still centralized and run by large companies. Therefore, in this thesis, in order to make the logs more available and scalable, we investigate the idea of a distributed, client-driven CT log via peer-to-peer (P2P) and WebRTC technology that runs in the background of the user's browser. We show that such a system is indeed implementable, but with limited scalability. We also show that such a system would provide better availability while keeping the integrity of CT by implementing an append-only feature, enforced by the Merkle Tree structure.
Identifier | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-148693 |
Date | January 2018 |
Creators | Ellgren, Robin, Löfgren, Tobias |
Publisher | Linköpings universitet, Institutionen för datavetenskap |
Source Sets | DiVA Archive at Upsalla University |
Language | English |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf |
Rights | info:eu-repo/semantics/openAccess |