SmartCert: Redesigning Digital Certificates with Smart Contracts
This addresses security issues in TLS/PKI for internet users, though it appears incremental as it builds on existing smart contract technology.
The paper tackles the poor security level in validating domain ownership for digital certificates by introducing SmartCert, a smart contract-based approach that improves accountability and transparency, with implementation and evaluation showing its deployability.
The Transport Layer Security (TLS) protocol and its public-key infrastructure (PKI) are widely used in the Internet to achieve secure communication. Validating domain ownership by trusted certification authorities (CAs) is a critical step in issuing digital certificates, but unfortunately, this process provides a poor security level. In this work, we present SmartCert, a novel approach based on smart contracts to improve digital certificates. A certificate in SmartCert conveys detailed information about its validation state which is constantly changing but only with respect to the specified smart contract code and individual domain policies. CAs issuing and updating certificates are kept accountable and their actions are transparent and monitored by the code. We present the implementation and evaluation of SmartCert, and discuss its deployability.