University of Twente Student Theses

Login

Finding Personally Identifiable Information Leaked via Publicly Accessible CT Logs

van Mourik, F.G. (2021) Finding Personally Identifiable Information Leaked via Publicly Accessible CT Logs.

[img] PDF
289kB
Abstract:Certificate Transparency (CT) is a network security standard that includes all public-key certificates in publicly accessible logs. Major browser vendors such as Chrome require certificates to be present in CT logs before accepting them. These logs can be analysed and audited by everyone in the world, adding an extra layer of security on top of the Internet. These certificates, however, might include personally identifiable information (PII) from website creators or administrators, for instance their first and last name. Since CT logs are queryable at a large scale, possibly contain PII, and are non-optional, a privacy issue arises. This research provides a proof-of-concept approach to find PII in these public logs by looking at the registered domain names within over one billion certificates and characteristics of these domain names in combination with commonly-used Dutch first and last names. Additionally, in this work we aim to find providers of PII in certificate's domain names, focused on the ".nl" DNS zone. Here we found several companies that potentially forward PII of their customers in CT. Finally, this research looks into the amount of PII in domain names over time in order to spot possible increasing and decreasing trends. No significant trends were observed.
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science BSc (56964)
Link to this item:http://purl.utwente.nl/essays/86900
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page