The aim of this work is to design and create a tool to collect a large number of used digital certificates from the Internet, while also providing an interface for their management and enabling their quantitative analysis for Internet security research. The thesis first analyzes the requirements and existing projects with a similar goal and then designs its own solution. The output is a modular tool called Cevast, which allows you to collect real digital certificates from the Internet, manage them on a local storage and analyze them using a wide range of functions, in the context of this thesis especially validation using existing implementations of SSL/TLS protocols. Part of the thesis is also a presentation of the functionality of the tool by performing an analysis on a sample of certificates and its evaluation.
Quantitative analysis of TLS certificate validity on the Internet
University
Faculty of Informatics
Date of Completion
spring 2020
Resources
Leader
Martin Ukrop
Student
Radim Podola