Secure and Privacy-Aware Blockchain Design: Requirements, Challenges and Solutions
Authors: Sidra Aslam, Aleksandar Tošic, and Michael Mrissa
During the last decade, distributed ledger solutions such as blockchain have gained significant attention due to their decentralized, immutable, and verifiable features. However, the public availability of data stored on the blockchain and its link to users may raise privacy and security issues. In some cases, addressing these issues requires blockchain data to be secured with mechanisms that allow on-demand (as opposed to full) disclosure. In this paper, we give a comprehensive overview of blockchain privacy and security requirements, and detail how existing mechanisms answer them. We provide a taxonomy of current attacks together with related countermeasures. We present a thorough comparative analysis, based on various parameters, of state-of-the-art privacy and security mechanisms, we provide recommendations to design secure and privacy-aware blockchains, and we suggest guidelines for future research.
Practical Concerns in Enforcing Ethereum Smart Contracts as a Rewarding Platform in Decentralized Learning
Authors: Sandi Rahmadika, Muhammad Firdaus, Seolah Jang, and Kyung-Hyune Rhee
Decentralized approaches are extensively researched by academia and industry in order to address the flaws of existing systems in terms of data privacy. Blockchain and decentralized learning are prominent representatives of a deconcentrated approach. Blockchain is secure by design since the data record is irrevocable and tamper-resistant, decision making is consensus-based, and overall transaction costs are low. On the other hand, decentralized learning empowers a number of devices to collectively improve a deep learning model without exposing the dataset publicly. To motivate participants to use their resources in building models, a decent and proportional incentive system is a necessity. A centralized incentive mechanism is unlikely to be convenient to adopt in decentralized learning since it relies on a middleman that still suffers from bottleneck issues. Therefore, we design an incentive model for decentralized learning applications by leveraging the Ethereum smart contract. The simulation results satisfy the design goals. We also outline the concerns in implementing the presented scheme for sensitive data regarding privacy and data leakage.
Epoque: Practical End-to-End Verifiable Post-Quantum-Secure E-Voting
Authors: Xavier Boyen, Thomas Haines, and Johannes Muller
The ultimate goal in modern secure e-voting is to enable everyone to verify whether the final election result correctly reflects the votes chosen by the (human) voters, without exposing how each individual voted. These fundamental security properties are called end-to-end verifiability and voter privacy. Unfortunately, it turns out to be very challenging to pursue these properties simultaneously, especially when the latter must be future-proofed against the rise of quantum computers. In this work, we show, for the first time, a practical approach to do this. We present Epoque, the first end-to-end verifiable, voter-private, post-quantum-secure homomorphic e-voting protocol. It achieves its properties through the combination of practical lattice-based cryptographic primitives only, in a novel way. We formally prove all our security claims under common trust and hardness assumptions. At the core of Epoque lies an efficient identity-based encryption (IBE) scheme with blazingly fast master-key decryption. It is the component that makes the efficient tallying of thousands or millions of ballots a practical possibility. In order to demonstrate its practicality, we fully implemented it and provide detailed benchmarks; we believe this latter contribution is of independent interest beyond the specific e-voting application.
Nakamoto Consensus to Accelerate Supervised Classification Algorithms for Multiparty Computing
Authors: Zhen Zhang, Bing Guo, Yan Shen, Chengjie Li, Xinhua Suo, and Hong Su
Bitcoin mining consumes tremendous amounts of electricity to solve the hash problem. At the same time, large-scale applications of artificial intelligence (AI) require efficient and secure computing. There are many computing devices in use, and the hardware resources are highly heterogeneous. This means a cooperation mechanism is needed to realize cooperation among computing devices, and a good calculation structure is required in the case of data dispersion. In this paper, we propose an architecture where devices (also called nodes) can reach a consensus on task results using off-chain smart contracts and private data. The proposed distributed computing architecture can accelerate computing-intensive and data-intensive supervised classification algorithms with limited resources. This architecture can significantly increase privacy protection and prevent leakage of distributed data. Our proposed architecture can support heterogeneous data, making computing on each device more efficient. We used mathematical formulas to prove the correctness and robustness of our system and deduced the condition to stop a given task. In the experiments, we transformed Bitcoin hash collision into distributed computing on several nodes and evaluated the training and prediction accuracy for handwritten digit images (MNIST). The experimental results demonstrate the effectiveness of the proposed method.
AMVchain: authority management mechanism on blockchain-based voting systems
Authors: Chenchen Li, Jiang Xiao, Xiaohai Dai, and Hai Jin
As blockchain technology booms, modern electronic voting systems leverage blockchain as the underlying storage model to make the voting process more transparent and to guarantee the immutability of data. However, the transparency characteristic may disclose sensitive information about candidates, since all system users have the same right to access that information. Besides that, the pseudo-anonymity of blockchain will lead to the disclosure of voters’ privacy, and third parties such as registration institutions involved in the voting process also have the possibility of tampering with data. To overcome these difficulties, we apply an authority management mechanism to blockchain-based voting systems. In this paper, we put forward AMVchain, a fully decentralized and efficient blockchain-based voting system. AMVchain has a three-layer access control architecture, and on each layer, smart contracts are responsible for validation and granting permissions. A linkable ring signature is adopted in the process of voting to protect ballot privacy. AMVchain also makes a tradeoff between efficiency and concurrency by introducing proxy nodes. The experimental results show that our system meets the basic requirements under highly concurrent user load.
A Theoretical Treatment of Blockchain Scaling Protocols
Authors: Georgia Avarikioti
Scaling decentralized blockchains has been in the spotlight of the blockchain research community due to the immediate consequences on the widespread adoption of cryptocurrencies. In this thesis, we examine different scaling solutions of blockchain protocols mainly from a theoretical perspective. We first present a formalization of sharding protocols, the most promising on-chain scaling solution. Our goal is to provide formal “common grounds” for systematically evaluating the security and efficiency of sharding systems. To that end, we define the necessary properties sharding protocols should satisfy. To demonstrate the power of our framework, we evaluate the most prominent sharding systems found in the literature, and further provide bounds and limitations of what sharding protocols can achieve in general. We conclude by identifying the critical components of sharding. We then focus on off-chain scaling solutions, and in particular, payment channels. We highlight and address security concerns on the fundamental construction of payment channels. Specifically, previous payment channel designs require participants to be online, monitoring the blockchain, while the blockchain should be live and the network synchronous. We alleviate the first assumption for Bitcoin-compatible constructions by presenting Cerberus channels. Cerberus channels enable participants to go securely offline for an extended period of time, as monitoring the blockchain is outsourced to third parties that are financially incentivized to faithfully follow the protocol. Assuming smart contracts, we later present Brick, the first incentive-compatible asynchronous payment channel construction, effectively eliminating both security assumptions. Brick remains secure with offline participants under network asynchrony, and concurrently provides correct incentives. Finally, we study the creation of payment channel networks under the lens of theory.
On the one hand, we investigate the design of capital-efficient payment channel networks assuming a central coordinator. For this purpose, we introduce an algorithmic framework and present numerous results, either efficient (approximation) algorithms or hardness results. On the other hand, we model payment channel networks as network creation games, where participants act selfishly. We analyze prominent topologies for Nash equilibria, determine the social optima, and bound the price of anarchy when possible. Our objective is to determine the optimal topologies for payment channel networks, both under central coordination and when the network is decentralized.
Cost-Effective Blockchain-based IoT Data Marketplaces with a Credit Invariant
Authors: James Meijers, Guntur Dharma Putra, Grammateia Kotsialou, Salil S. Kanhere, and Andreas Veneris
Billions of Internet of Things (IoT) devices deployed today collect massive amounts of potentially valuable data. To efficiently utilize this data, markets must be developed where data can be traded in real time. Blockchain technology offers a potential platform for these types of markets. However, previous proposals using blockchain technology either require trusted third parties such as data brokers, or necessitate a large number of on-chain transactions to operate, incurring excessive overhead costs. This paper proposes a trustless data trading system that minimizes both the risk of fraud and the number of transactions performed on chain. In this system, data producers and consumers come to binding agreements while trading data off chain, and they only settle on chain when a deposit or withdrawal of funds is required. A credit mechanism is also developed to further reduce the incurred fees. Additionally, the proposed marketplace is benchmarked on a private Ethereum network running on a lab-scale testbed, and the proposed credit system is simulated so as to analyze its risks and benefits.
From Caesar Ciphers to Elliptic Curves: Detailing Improvements in the Computational Complexity of Common Encryption Schemes
Authors: Liam Flaherty
An effort is made to strike a balance between rigor and readability in this paper. At its essence, the paper is an application of the mathematics behind each encryption scheme. As such, rigor can be expected in the mathematics section (Section 2), while practicality and intuitiveness are emphasized when discussing encryption schemes (Sections 3-4). In some instances, the reader is assumed to be familiar with common mathematical concepts (prime, coprime, composite, etc.), while in other cases, definitions are clearly provided. Despite the mathematics being heavy on proof-work, an abundance of examples is given. To quote Joseph Gallian, whose book on Algebra served as a reference at various points, “The best way to grasp the meat of a theorem is to see what it says in specific cases”.
An empirical analysis of pool hopping behavior in the Bitcoin blockchain
Authors: Natkamon Tovanich, Nicolas Soulié, Nicolas Heulot, and Petra Isenberg
We provide an empirical analysis of pool hopping behavior among 15 mining pools throughout Bitcoin’s history. Mining pools have emerged as major players to ensure that the Bitcoin system stays secure, valid, and stable. Individual miners join mining pools to benefit from a more predictable income. Many questions remain open regarding how mining pools have evolved throughout Bitcoin’s history and when and why miners join or leave mining pools. We propose a heuristic algorithm to extract the payout flow from mining pools and detect the pools’ migration of miners. Our results showed that payout schemes and pool fees influence miners’ decisions to join, change, or exit from a mining pool, thus affecting the dynamics of mining pool market shares. Our analysis provides evidence that mining activity becomes an industry as miners’ decisions follow classical economic rationale.