[cryptography] The Trouble with Certificate Transparency

James A. Donald jamesd at echeque.com
Sat Sep 27 00:24:36 EDT 2014


I don't know how google proposes to do it.  I don't find their 
explanation entirely clear.

Here is how I would do it.  It guarantees that everyone sees the same 
information, and any attempt to tell two different stories immediately 
gets caught.

There will be a mapping between strings and hashes, and you can look up 
the 32 byte hash corresponding to a string.

The strings will be email addresses and the urls of websites.

The hash will be a hash of assertions about the website made by the 
owner, the currently valid public keys of the website, and the past 
history of changes in this information.

Updates take effect once a day or so. If you change this information, 
you will not see the change for a day or so.  Thus if you want to update 
your key, first add an additional key.  When that propagates, update 
your website, then remove the old key.

There is a global hash that represents the root of a tree of all hashes, 
and the past history of global hashes.

To prove that the value you just looked up is the same for everyone, 
look at the chain of hashes connecting it to the root of the tree of all 
hashes.

To lie to you, to give one story to the owner, and a different story to 
you, the global hash would have to be different for the owner and for you.

A lot of people observe the global hash, and its history.  So you check 
with one of them, to make sure you are seeing the same global hash as 
they do, and they similarly check with each other.




More information about the cryptography mailing list