Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Learn about ValidaTor, an innovative HTTP-based domain validation system that leverages the Tor network to enhance certificate authority security in this 19-minute conference presentation from NSDI '25. Discover how researchers from National Research Center for Applied Cybersecurity ATHENE, Technische Universität Darmstadt, and Goethe-Universität Frankfurt developed a solution to address vulnerabilities in current Domain Validation (DV) methods used by Certificate Authorities. Explore how ValidaTor creates a distributed and unpredictable set of validators using Tor's exit nodes, significantly expanding the pool of available validators while providing high path diversity and resilience against sophisticated adversaries. Examine empirical evaluations demonstrating ValidaTor's ability to achieve commercial CA validation throughput with potential to scale to Let's Encrypt-comparable volumes using minimal dedicated infrastructure and only 0.1% of Tor's bandwidth. Understand how the unpredictable validator selection makes the system fully resistant to targeted attacks while improving path diversity, reducing the number of Autonomous Systems capable of issuing fraudulent certificates by up to 27% compared to Let's Encrypt. Analyze security assessments showing negligible risk of subversion by malicious exit nodes, even with a quarter of existing nodes compromised, and learn about the publicly available code, datasets, and measurements for reproduction and future research.
