REACT: Rewards and Enforceability for Augmented Certificate Transparency

Thu 26May2016

Steve Matsumoto, ETH Zurich

From 12.00 until 13.30

At ETH Zurich, CNB/F/110

Universitätstrasse 6, 8092 Zurich


Man-in-the-middle attacks in TLS due to compromised CAs have been mitigated by log-based PKI enhancements such as Certificate Transparency. However, these log-based schemes do not offer sufficient incentives to logs and monitors, and do not offer any automatic actions that domains can take in response to CA misbehavior. We propose REACT, an Ethereum-based PKI enhancement that offers automatic responses to CA misbehavior and incentives for those who help detect misbehavior. REACT’s decentralized nature and smart contract system allows open participation, offers incentives for vigilance over CAs, and enables financial recourse against misbehavior. We demonstrate through a financial ROI-based model and through an Ethereum prototype implementation that the incentives and increased deterrence offered by REACT are technically and economically viable.

Download Event to Calendar