Ashoka student research making internet snooping-free
Hyperledger – a collaboration between Linux Foundation, IBM and Intel – funds the research
I decided to focus on cyber security given the current gaps in the system. I began my research on this technology for my thesis as part of the Ashoka Scholar Programme in 2017-18. I wanted to explore how blockchain technology could be used for identity verification of websites and reduce snooping.
Currently, the protocol widely used to secure communication over the internet is SSL/TSL certification. This basically means that when the “HTTPS” connection appears in the URL of a website, it has been secured through acquiring an SSL certificate. For instance bank websites would be certified.
The issue, however, is that SSL certificates are issued by a third-party referred to as Certificate Authorities (CAs), and if a CA is compromised, this can lead to fraud. Once a browser accepts a malicious certificate, the information sent over that connection can be manipulated by the attacker. A well known recent incident is the issuance of fake certificates by the famous Dutch Certificate Authority DigiNotar in 2011 affecting internet giants such as Google, Microsoft, Twitter, and some governments too.
During my literature review on this topic, I came across Certificate Transparency – a potential solution developed by Google, currently applicable to browsers like Google Chrome. However, as we dug deeper, my thesis mentor Prof. Mahavir Jhawar and I identified that the measure developed by Google was reactive, coming into action only after fake certificates had been issued.
We, instead, wanted to find a pre-emptive solution, which also gave website owners absolute control of certificate issuance, completely eradicating the possibility of single point failure of a CA.
This led us to leverage blockchain technology to solve this problem.
Why Blockchain? This is because in simple terms, blockchain is an immutable distributed ledger (list of records or transactions). By design, the information that is recorded on blockchain cannot be tampered with. Blockchain technology is decentralised in nature – there is no single authority in this system with no single point of failure.
Using blockchain technology to solve the problem at hand meant understanding this technology in detail, along with developing a blockchain application as the solution (protocol). This was a huge learning curve for me, and coupled with developing a new protocol, seemed very challenging.
However, with constant support from my mentor(s) at Ashoka, setting milestones at every step, and breaking the task into sub-tasks, I was able to accomplish my goal for the thesis. The protocol I developed was a working prototype of the approach on IBM’s Hyperledger Fabric (blockchain platform).
My first experience giving an academic presentation outside a classroom at a professional conference was a game changer. After I graduated in May 2018, I continued to work on the CTB (Certificate Transparency using Blockchain) project with my mentor. Once our work had reached a reasonable stage, we submitted it to an international conference in Singapore (November, 2018) and the paper was accepted.
I was intimidated at the beginning given the average age of researchers at the conference – most were doctoral students, post-docs and professors. There were a few postgraduate students. However, once I settled in, my presentation went very well. It was a great experience and a brilliant opportunity to gain comments from the blockchain community to further develop the research. I also had the opportunity to meet pioneers in the blockchain industry, including those who built the IBM Hyperledger Fabric.
Getting funding from Hyperledger was a huge step and we have currently hired interns to work on this technology further. Once fine-tuned, implementation would be the next step. Hyperledger is an umbrella project of open-source blockchain platforms started by Linux Foundation with the support of companies like IBM, Intel, Cisco, VMWare. We applied for the Hyperledger Internship program 2019, which provided funding to hire intern(s), and received it. I have had an incredible opportunity to mentor our interns to further work on the prototype and develop it into a fully fledged application. It has been really exciting to see the project grow and I am hoping that in the next few months, we would have an application that is deployable at scale.
(To read further about our solution: Certificate Transparency using Blockchain (CTB))
I currently work as a Software Engineer at a startup – Amuse Labs, located in Bangalore. I primarily work on PuzzleMe, an online platform for ‘Knowledge Games’ such as Crosswords, Sudoku and Word Search. Working in production at Amuse Labs has helped me understand software development, which has also deepened my understanding of blockchain development further.
I also decided to be a Teaching Assistant at Ashoka when I heard about the new course on Blockchain and Cryptocurrencies that Prof. Jhawar was offering. Teaching demanded that I further pick up new technologies as I had to have an idea of the platforms that students were using to build projects. While shuttling between Bangalore and NCR was stressful, it was also extremely gratifying. This wouldn’t have been possible without the great support I got from my team at Amuse Labs.
Ashoka opened up new horizons for me. From being part of the resident life team at Ashoka to every course project I worked on, it has been a hugely enriching experience for me. Most importantly, being a part of the founding undergraduate batch was a unique experience. There was always something to learn at every stage and from every interaction I had at Ashoka. I could not have achieved any of my research milestones without the kind of mentoring I received from my professors and the support I had from the university as a whole.
Deva Surya Vivek Madala is the Ashoka alumnus who developed technology for making internet snooping free as part of his undergraduate research.