publication . Conference object . 2018

Auditing Transparent Log Server with Blockchain

Hoang-Long Nguyen; Claudia-Lavinia Ignat; Olivier Perrin;
Open Access English
  • Published: 23 Apr 2018
  • Publisher: HAL CCSD
Abstract
International audience; Public key server is a simple yet effective way of key management in secure end-to-end communication. To ensure the trustworthiness of a public key server, transparent log systems such as CONIKS employ a tamper-evident data structure on the server and a gossip-ing protocol among clients in order to detect compromised servers. However, due to lack of incentive and vulnerability to malicious clients, a gossiping protocol is hard to implement in practice. Meanwhile , alternative solutions such as EthIKS are not scalable. This paper presents Trusternity, an auditing scheme relying on Ethereum blockchain that is easy to implement, scalable and...
Subjects
free text keywords: blockchain, key transparency, auditing, Ethereum, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Vulnerability, Server, Key management, Computer security, computer.software_genre, computer, Public-key cryptography, business.industry, business, Audit, Data structure, Gossip, Scalability, Computer science
Related Organizations

[1] 2017. Go Ethereum: Oficial Go implementation of the Ethereum protocol. https: //geth.ethereum.org/. (2017).

[2] Joseph Bonneau. 2016. EthIKS: Using Ethereum to audit a CONIKS key transparency log. In International Conference on Financial Cryptography and Data Security. Springer, 95-105.

[3] Vitalik Buterin. 2016. Ethereum Light client protocol. https://github.com/ ethereum/wiki/wiki/Light-client-protocol. (2016).

[4] John R Douceur. 2002. The sybil attack. In International Workshop on Peer-to-Peer Systems. Springer, 251-260.

[5] Google. 2017. Key Transparency. https://github.com/google/keytransparency. (2017).

[6] http://coniks.org. 2018. A CONIKS implementation in Golang. https://github.com/coniks-sys/coniks-go. (2018). Accessed on 08.01.2018.

[7] Ben Laurie, Adam Langley, and Emilia Kasper. 2013. Certificate transparency. Technical Report.

[8] Marcela S Melara, Aaron Blankstein, Joseph Bonneau, Edward W Felten, and Michael J Freedman. 2015. CONIKS: Bringing key transparency to end users. In 24th USENIX Security Symposium (USENIX Security 15). 383-398.

[9] Gavin Wood. 2014. Ethereum: A secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151 (2014), 1-32.

Abstract
International audience; Public key server is a simple yet effective way of key management in secure end-to-end communication. To ensure the trustworthiness of a public key server, transparent log systems such as CONIKS employ a tamper-evident data structure on the server and a gossip-ing protocol among clients in order to detect compromised servers. However, due to lack of incentive and vulnerability to malicious clients, a gossiping protocol is hard to implement in practice. Meanwhile , alternative solutions such as EthIKS are not scalable. This paper presents Trusternity, an auditing scheme relying on Ethereum blockchain that is easy to implement, scalable and...
Subjects
free text keywords: blockchain, key transparency, auditing, Ethereum, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Vulnerability, Server, Key management, Computer security, computer.software_genre, computer, Public-key cryptography, business.industry, business, Audit, Data structure, Gossip, Scalability, Computer science
Related Organizations

[1] 2017. Go Ethereum: Oficial Go implementation of the Ethereum protocol. https: //geth.ethereum.org/. (2017).

[2] Joseph Bonneau. 2016. EthIKS: Using Ethereum to audit a CONIKS key transparency log. In International Conference on Financial Cryptography and Data Security. Springer, 95-105.

[3] Vitalik Buterin. 2016. Ethereum Light client protocol. https://github.com/ ethereum/wiki/wiki/Light-client-protocol. (2016).

[4] John R Douceur. 2002. The sybil attack. In International Workshop on Peer-to-Peer Systems. Springer, 251-260.

[5] Google. 2017. Key Transparency. https://github.com/google/keytransparency. (2017).

[6] http://coniks.org. 2018. A CONIKS implementation in Golang. https://github.com/coniks-sys/coniks-go. (2018). Accessed on 08.01.2018.

[7] Ben Laurie, Adam Langley, and Emilia Kasper. 2013. Certificate transparency. Technical Report.

[8] Marcela S Melara, Aaron Blankstein, Joseph Bonneau, Edward W Felten, and Michael J Freedman. 2015. CONIKS: Bringing key transparency to end users. In 24th USENIX Security Symposium (USENIX Security 15). 383-398.

[9] Gavin Wood. 2014. Ethereum: A secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151 (2014), 1-32.

Powered by OpenAIRE Open Research Graph
Any information missing or wrong?Report an Issue
publication . Conference object . 2018

Auditing Transparent Log Server with Blockchain

Hoang-Long Nguyen; Claudia-Lavinia Ignat; Olivier Perrin;