DEVELOPING PUBLIC KEY INFRASTRUCTURE FOR HTTPS USING BLOCKCHAIN
The need for secure communication was a fundamental part of Internet which was realized by HTTP over TLS. Public key infrastructure utilizing X.509 certificate as communication medium and certificate authority as its trusted party is an important part of HTTPS. However, it comes with its own i...
Saved in:
| Main Author: | |
|---|---|
| Format: | Final Project |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/56339 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | The need for secure communication was a fundamental part of Internet which was
realized by HTTP over TLS. Public key infrastructure utilizing X.509 certificate as
communication medium and certificate authority as its trusted party is an important
part of HTTPS. However, it comes with its own issues in speed, security, and
transparency due to its centralized characteristic. From a security standpoint, a
breach or bad behavior in certificate authority would affect all past and future
certificate. This only gets worse when considering the opaqueness of certificate
management processes, which makes it harder to know when a certificate authority
is behaving badly.
In this final project, a public key infrastructure implementing web of trust concept
is developed using blockchain. It is made for HTTPS certificate management. The
solution is implemented on Ethereum blockchain platform. It has the same
functionality and operation speed as a certificate authority-based public key
infrastructure. It is better in terms of security and transparency. However, due to
the limitation of the implementation, it is expensive, vulnerable to trust store
poisoning, and slow on certificate use. All of which needs to be addressed in further
development.
|
|---|