Efficient Data Structures for Certificate Transparency.

Date of Submission

December 2016

Date of Award

Winter 12-12-2017

Institute Name (Publisher)

Indian Statistical Institute

Document Type

Master's Dissertation

Degree Name

Master of Technology

Subject Name

Computer Science


Cryptology and Security Research Unit (CSRU-Kolkata)


Ruj, Sushmita (CSRU-Kolkata; ISI)

Abstract (Summary of the Work)

Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting malicious websites if they are provisioned with mistakenly issued certificates or certificates that have been issued by a certificate authority (CA) which is compromised. Google proposed certificate transparency which is an open framework to monitor and audit certificates in real time. However, the size of a proof is logarithmic in the number of certificates. This large proof size consumes a lot of bandwidth. Apart from this drawback, revocation is not handled. In NDSS 2014, Ryan extended certificate transparency to handle efficient revocation of a certificate. However, the size of a proof still remains logarithmic in the number of certificates.We have developed and extended the concept of certificate transparency introduced by Google and its enhanced version proposed by Ryan. We have introduced bilinear-map accumulators (in the context of certificate transparency) in order to provide proofs of constant size irrespective of the number of certificates. Our scheme has many desirable properties like efficient revocation, constant size proofs, low verification cost and update costs comparable to the existing schemes. We provide proofs of security and evaluate the performance of our scheme.


ProQuest Collection ID: http://gateway.proquest.com/openurl?url_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation&res_dat=xri:pqm&rft_dat=xri:pqdiss:28843313

Control Number


Creative Commons License

Creative Commons Attribution 4.0 International License
This work is licensed under a Creative Commons Attribution 4.0 International License.



This document is currently not available here.