17 research outputs found
A Decentralized Dynamic PKI based on Blockchain
The central role of the certificate authority (CA) in traditional public key infrastructure (PKI) makes it fragile and prone to compromises and operational failures. Maintaining CAs and revocation lists is demanding, especially in loosely-connected and large systems. Log-based PKIs have been proposed as a remedy, but they do not solve the problem effectively. We provide a general model and a solution for a decentralized and dynamic PKI based on a blockchain and web-of-trust model, where the traditional CA and digital certificates are removed and, instead, everything is registered on the blockchain. Registration, revocation, and update of public keys are based on a consensus mechanism between a certain number of entities that are already part of the system. Any node which is part of the system can be an auditor and initiate the revocation procedure once it finds out about malicious activities. Revocation lists are no longer required, as any node can efficiently verify the public keys through witnesses.
Ethereum's Proposer-Builder Separation: Promises and Realities
With Ethereum's transition from Proof-of-Work to Proof-of-Stake in September 2022 came another paradigm shift, the Proposer-Builder Separation (PBS) scheme. PBS was introduced to decouple the roles of selecting and ordering transactions in a block (i.e., the builder) from those of validating its contents and proposing the block to the network as the new head of the blockchain (i.e., the proposer). In this landscape, proposers are the validators in the Proof-of-Stake consensus protocol who validate and secure the network, while now relying on specialized block builders for creating blocks with the most value (e.g., transaction fees) for the proposer. Additionally, relays play a crucial new role in this ecosystem, acting as mediators between builders and proposers, being entrusted with the responsibility of transmitting the most lucrative blocks from the builders to the proposers.

PBS is currently an opt-in protocol (i.e., a proposer can still opt out and build their own blocks). In this work, we study its adoption and show that the current PBS landscape exhibits significant centralization amongst the builders and relays. We further explore whether PBS effectively achieves its intended objectives of enabling hobbyist validators to maximize block profitability and preventing censorship. Our findings reveal that although PBS grants all validators the same opportunity to access optimized and competitive blocks, it tends to stimulate censorship rather than reduce it. Additionally, our analysis demonstrates that relays do not consistently uphold their commitments and may prove unreliable. Specifically, there are instances where proposers do not receive the complete value as initially promised, and the censorship or filtering capabilities pledged by the relay exhibit significant gaps.
A Generic Construction of an Anonymous Reputation System and Instantiations from Lattices
With an anonymous reputation system one can realize the process of rating sellers anonymously in an online shop. While raters can stay anonymous, sellers still have the guarantee that they can only be reviewed by raters who bought their product. We present the first generic construction of a reputation system from basic building blocks, namely digital signatures, encryption schemes, non-interactive zero-knowledge proofs, and linking indistinguishable tags. We then show the security of the reputation system in a strong security model. Among others, we instantiate the generic construction with building blocks based on lattice problems, leading to the first module lattice-based reputation system.
Chrisimos: A useful Proof-of-Work for finding Minimal Dominating Set of a graph
Hash-based Proof-of-Work (PoW) used in the Bitcoin Blockchain leads to high energy consumption and resource wastage. In this paper, we aim to re-purpose the energy by replacing the hash function with real-life problems having commercial utility. We propose Chrisimos, a useful Proof-of-Work where miners are required to find a minimal dominating set for real-life graph instances. A miner who is able to output the smallest dominating set for the given graph within the block interval time wins the mining game. We also propose a new chain selection rule that ensures the security of the scheme. Thus our protocol also realizes a decentralized minimal dominating set solver for any graph instance. We provide formal proof of correctness and show via experimental results that the block interval time is within feasible bounds of hash-based PoW.

Comment: 20 pages, 3 figures. An abridged version of the paper got accepted in The International Symposium on Intelligent and Trustworthy Computing, Communications, and Networking (ITCCN-2023) held in conjunction with the 22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom-2023).
Understanding and Hardening Blockchain Network Security Against Denial of Service Attacks
This thesis aims to examine the security of a blockchain's communication network. A blockchain relies on a communication network to deliver transactions. Understanding and hardening the security of the communication network against Denial-of-Service (DoS) attacks are thus critical to the well-being of blockchain participants. Existing research has examined blockchain system security in various system components, including mining incentives, consensus protocols, and applications such as smart contracts. However, the security of a blockchain's communication network remains understudied.
In practice, a blockchain's communication network typically consists of three services: RPC service, P2P network, and mempool. This thesis examines each service's designs and implementations, discovers vulnerabilities that lead to DoS attacks, and uncovers the P2P network topology. Through systematic evaluations and measurements, the thesis confirms that real-world network services in Ethereum are vulnerable to DoS attacks, leading to a potential collapse of the Ethereum ecosystem. Besides, the uncovered P2P network topology in Ethereum mainnet suggests that critical nodes adopt a biased neighbor selection strategy in the mainnet. Finally, to fix the discovered vulnerabilities, practical mitigation solutions are proposed in this thesis to harden the security of Ethereum's communication network.
Efficient VOLE based Multi-Party PSI with Lower Communication Cost
We present a new method for doing multi-party private set intersection against a malicious adversary, which reduces the total communication cost to . Additionally, our method can also be used to build a multi-party Circuit-PSI without payload. Our protocol is based on Vector-OLE (VOLE) and oblivious key-value stores (OKVS). To meet the requirements of the protocol, we first extend the definition of VOLE to a multi-party version. After that, we use the new primitive to construct our protocol and prove that it can tolerate all-but-two malicious corruptions.
Our protocol follows the idea of [RS21], where each party encodes its respective set as a vector, uses VOLE to encrypt the vector, and finally constructs an OPRF to get the result. In the multi-party situation, we have to encrypt several vectors at one time. As a result, the VOLE used in [RS21] and follow-up papers is not enough, which brings us to our idea of a multi-party VOLE.
AI-powered Fraud Detection in Decentralized Finance: A Project Life Cycle Perspective
In recent years, blockchain technology has introduced decentralized finance (DeFi) as an alternative to traditional financial systems. DeFi aims to create a transparent and efficient financial ecosystem using smart contracts and emerging decentralized applications. However, the growing popularity of DeFi has made it a target for fraudulent activities, resulting in losses of billions of dollars due to various types of frauds. To address these issues, researchers have explored the potential of artificial intelligence (AI) approaches to detect such fraudulent activities. Yet, there is a lack of a systematic survey to organize and summarize those existing works and to identify future research opportunities. In this survey, we provide a systematic taxonomy of various frauds in the DeFi ecosystem, categorized by the different stages of a DeFi project's life cycle: project development, introduction, growth, maturity, and decline. This taxonomy is based on our finding that many frauds have strong correlations with the stage of the DeFi project. According to the taxonomy, we review existing AI-powered detection methods, including statistical modeling, natural language processing, and other machine learning techniques. We find that fraud detection in different stages employs distinct types of methods and observe the commendable performance of tree-based and graph-related models in tackling fraud detection tasks. By analyzing the challenges and trends, we present the findings to provide proactive suggestions and guide future research in DeFi fraud detection. We believe that this survey is able to support researchers, practitioners, and regulators in establishing a secure and trustworthy DeFi ecosystem.

Comment: 38 pages, update reference