Blockchain-Based Self-Sovereign Identity: Survey, Requirements, Use-Cases, and Comparative Study
Authors: Razieh Nokhbeh Zaeem, Kai Chih Chang, Teng-Chieh Huang, David Liau, Wenting Song, Aditya Tyagi, K. Suzanne Barber, Manah M. Khalil, Michael R. Lamison, and Siddhartha Pandey
Identity is at the heart of digital transformation. Successful digital transformation requires confidence in and protection of digital identities. On the Internet, however, there is no unique and standard identity layer. Consequently, a variety of digital identities have emerged over the years, leading to privacy risks, security vulnerabilities, risks for identity owners, and liability for identity issuers and those relying on digital identities to grant access to goods and services. Self-Sovereign Identity (SSI) and similar forms of identity management on the blockchain distributed ledger are novel technologies that recognize the need to keep user identity privately stored in user-owned devices, securely verified by identity issuers, and only revealed to verifiers as needed. There is limited academic literature defining the prerequisite SSI functional and non-functional requirements and comparing SSI technologies. Often those SSI technologies reviewed in the literature lag behind current advances. We present the first work that compiles a comprehensive list of functional and non-functional requirements of SSI and compares an extensive number of existing SSI/blockchain-based identity management solutions with respect to these requirements. Our work sheds light on the state-of-the-art SSI development and paves the way for future, more informed analysis and development of novel identity management and SSI solutions.
An Identity Asset Sensitivity Model in Self-Sovereign Identities
Authors: Kai Chih Chang, Razieh Nokhbeh Zaeem, and K. Suzanne Barber
Due to the emergence of new paradigms such as social media and the Internet of Things (IoT), the use of the Internet has ushered in further challenges. After years of research, there is still no complete layer of identity on the Internet. In order to provide identity management, self-sovereign identity has become a popular choice. Self-sovereign identities provide users with complete autonomy and immutability for personal identities, as well as complete control for their identity owners. Like any type of identity, a self-sovereign identity also processes the Personally Identifiable Information (PII) of the identity holder and faces privacy and security risks common to identity management. This research proposes a model of determining PII sensitivity by a score to measure what attributes or combination thereof is sensitive to share. Our work highlights that while it is important to improve how PII attributes are shared, it is paramount to identify which PII attributes are safer to share to achieve the same identity management goals.
On the Usability of Self Sovereign Identity Solutions
Authors: Razieh Nokhbeh Zaeem, Manah M. Khalil, Michael R. Lamison, Siddhartha Pandey, and K. Suzanne Barber
In the absence of a unique identity layer on the Internet, many identity solutions have evolved over time—examples include standalone username and password pairs, Single Sign On, and Federated Identity Management. Privacy and security risks for identity owners and liability for identity issuers and verifiers, however, are still alarmingly present. Self-Sovereign Identity (SSI) solutions are new technologies that recognize the need to keep user identity privately stored in user-owned devices, securely verified by identity issuers, and only revealed to verifiers and relying parties as needed. Many commercial SSI solutions are already available to users, issuers, and verifiers. As other researchers have pointed out, usability remains a pressing unknown in the existing SSI solutions. We study five of the most commonly used SSI solutions: uPort, Connect.me, Trinsic, Jolocom, and ShoCard (now PingID) with respect to their usability. We identify some concrete usability problems and suggest ways to resolve them. Our work recognizes that identifying, prioritizing, and implementing the non-functional requirement of usability in SSI solutions is essential for their adoption.
Ransomware Detection on Bitcoin Transactions Using Artificial Neural Network Methods
Authors: Hairil, Niken Dwi Wahyu Cahyani, and Hilal Hudan Nuha
The use of digital currency or cryptocurrency in various virtual transactions is common due to its ease. Cryptocurrency is a digital currency that is used for virtual transactions on the internet network. The most common types of cryptocurrencies include Litecoin, Ethereum, Monero, Ripple, and Bitcoin. Even though cryptocurrencies have secret codes that are quite complicated and complex that serve to protect and maintain the security of digital currencies, it is possible for them to be hacked by skilled hackers. Cryptocurrency-related hacking is a type of digital crime that is very harmful or dangerous. For example, in recent years, cases of hacking on bitcoin transactions using ransomware have been on the rise. Ransomware is malicious software that secretly infects a victim’s device, and suddenly asks for a ransom to decrypt encrypted data. This type of malware aims to blackmail a victim whose computer is infected with ransomware by asking for a certain amount of money as a ransom. Therefore, a design was built in the form of a ransomware detection system based on available bitcoin heist data so as to minimize hacking attacks against cryptocurrency in the future. The ransomware detection system was built using the backpropagation artificial neural network method using Weka software. The best results in data testing are obtained using a hidden layer with 9 neurons, a learning rate of 0.1, and 5000 iterations, yielding an accuracy rate of 97%.
A Machine Learning Approach to Peer Connectivity Estimation for Reliable Blockchain Networking
Authors: Jinoh Kim, Makiya Nakashima, Wenjun Fan, Simeon Wuthier, Xiaobo Zhou, Ikkyun Kim, and Sang-Yoon Chang
Peer connectivity plays a significant role in a blockchain network since any poor connectivity may result in the nodes operating on outdated data (e.g., cryptocurrency transactions). Although connectivity information is maintained by individual nodes, such identifier-based information might be unreliable due to the possibility of bogus identifiers. This paper tackles the problem of peer connectivity estimation through data-driven analytics of blockchain traffic for reliable blockchain networking. We define a set of variables to represent traffic characteristics and estimate peer connectivity from the collected data using a machine learning methodology. We also investigate the feasibility of feature prioritization to minimize estimation complexities. Our experimental results show that the presented estimation mechanism makes accurate predictions, with less than 0.1 difference between the measurement and estimation for over 99.7% of predictions. The time complexity measured on a commodity machine shows a microsecond scale for completing a single prediction task, enabling real-time operations.
Smart Contract Analysis Through Communication Abstractions
Author: Arthur Scott Wesley
Smart contracts are programs that manage interactions between many users. Recently, Solidity smart contracts have become a popular way to enforce financial agreements between untrusting users. However, such agreements do not eliminate trust, but rather redirect trust into the correctness of the smart contract. This means that each user must verify that a smart contract behaves correctly, regardless of how other users interact with it. Verifying a smart contract relative to all possible users is intractable due to state explosion. This thesis studies how local symmetry can be used to analyze smart contracts from a few representative users.
This thesis builds on the novel notion of participation, which gives explicit semantics to user interactions. From participation, a topology is obtained for how users interact during each transaction of a smart contract. Local symmetry analysis shows that most users are interchangeable within a topology, and therefore, most users are locally symmetric. This motivates local bundle abstractions that reduce contracts with arbitrarily many users to sequential programs with a few representative users. It is shown that local bundle abstractions can be used to ameliorate state explosion in smart contract verification, and to accelerate counterexample search in bounded analysis (e.g., fuzzing and bounded model checking). We implement local bundle abstraction in SmartACE, and show order-of-magnitude improvements in time when compared to a state-of-the-art smart contract verification tool.
Who Is Contributing to Academic Research on Blockchain Oracles? A Bibliometric Analysis
Author: Giulio Caldarelli
With the advent of smart contracts, the benefits of decentralization offered by distributed ledger technologies could be implemented in sectors other than cryptocurrencies, such as Healthcare, Supply Chain, and Finance. Smart contracts, however, need oracles to fetch data from the real world, which, on the other hand, do not offer the same characteristics of decentralization as blockchain. Despite their importance, research on oracles is still in its infancy, and academic contribution on the subject is scarce and sporadic. With a bibliometric analysis, this study aims to shed light on the institutions and authors that are actively contributing to the oracle literature with the aim of promoting progress and cooperation. The study shows that although there is still a lack of collaboration worldwide, there are authors and institutions working in similar directions. On the other hand, it can be observed that most of the areas of research are poorly addressed while others are even uncovered.
Fast Dual-Field ECDSA Accelerator with Increased Resistance against Horizontal SCA Attacks
Authors: Ievgen Kabin, Dan Klann, Zoya Dyka, and Peter Langendoerfer
Elliptic Curve Cryptography (ECC) is one of the commonly used standard methods for encrypting and signing messages, which is essential when it comes to IoT communication. In this paper we discuss the side channel analysis attack resistance of our fast dual-field ECDSA accelerator. We present our implementation of a design supporting four different NIST Elliptic Curves to allow the reader to understand the discussion of the resistance aspects. Our key findings concerning the resistance are that the dual field design is by far more resistant against SCA than individual designs for B-curves. Here we were able to determine only two key candidates with a correctness above 85% for B-233 compared to the individual design of B-233 for which 6 key candidates with a correctness of more than 95% were revealed. In addition we were able to retrieve 4 candidates with a correctness of more than 97% for P-224 and even 3 fully correct key candidates for P-256. This is especially important as the design for ECs over GF(p) is realized using atomic patterns, which is considered in the literature to ensure resistance against horizontal side-channel analysis attacks.
Distributed Point Functions and Their Applications to Secure Multi-Party Computation
Author: Adithya Vadapalli
This dissertation does an in-depth study of a nascent cryptographic primitive called Distributed Point Functions (DPFs). In this thesis, we explore the applications of DPFs to other cryptographic primitives, namely, Private Information Retrieval, Secure Multi-Party Computation and Zero-Knowledge Proofs. In particular, the dissertation presents:
- efficient new building blocks for secure MPC protocols,
- efficient new MPC protocols to compute any non-linear function,
- scalable sigma protocols,
- a novel system for privacy-preserving streaming with recommendations,
- scalable sender-anonymous messaging protocols.