An Evaluation of the Security of the Bitcoin Peer-To-Peer Network
Bitcoin is a decentralised digital currency that relies on cryptography
rather than trusted third parties such as central banks for its security.
Underpinning the operation of the currency is a peer-to-peer (P2P) network that
facilitates the execution of transactions by end users, as well as the
transaction confirmation process known as bitcoin mining. The security of this
P2P network is vital for the currency to function and subversion of the
underlying network can lead to attacks on bitcoin users including theft of
bitcoins, manipulation of the mining process and denial of service (DoS). As
part of this paper the network protocol and bitcoin core software are analysed,
with three bitcoin message exchanges (the connection handshake,
GETHEADERS/HEADERS and MEMPOOL/INV) found to be potentially vulnerable to
spoofing and use in distributed denial of service (DDoS) attacks. Possible
solutions to the identified weaknesses and vulnerabilities are evaluated, such
as the introduction of random nonces into network message exchanges.
Comment: 8 Pages, 7 Figures, Conferenc
Unjamming Lightning: A Systematic Approach
Users of decentralized financial networks suffer from inventive security exploits. Identity-based fraud prevention methods are inapplicable in these networks, as they contradict their privacy-minded design philosophy. Novel mitigation strategies are therefore needed. Their rollout, however, may damage other desirable network properties.
In this work, we introduce an evaluation framework for mitigation strategies in decentralized financial networks. This framework allows researchers and developers to examine and compare proposed protocol modifications along multiple axes, such as privacy, security, and user experience.
As an example, we focus on the jamming attack in the Lightning Network. Lightning is a peer-to-peer payment channel network on top of Bitcoin. Jamming is a cheap denial-of-service attack that allows an adversary to temporarily disable Lightning channels by flooding them with failing payments.
We propose a practical solution to jamming that combines unconditional fees and peer reputation. Guided by the framework, we show that, while discouraging jamming, our solution keeps the protocol incentive compatible. It also preserves security, privacy, and user experience, and is straightforward to implement. We support our claims analytically and with simulations. Moreover, our anti-jamming solution may help alleviate other Lightning issues, such as malicious channel balance probing.
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, are necessary to build scalable and successful
privacy-preserving decentralized systems.
LightChain: A DHT-based Blockchain for Resource Constrained Environments
As an append-only distributed database, blockchain is utilized in a vast
variety of applications including the cryptocurrency and Internet-of-Things
(IoT). The existing blockchain solutions have downsides in communication and
storage efficiency, convergence to centralization, and consistency problems. In
this paper, we propose LightChain, which is the first blockchain architecture
that operates over a Distributed Hash Table (DHT) of participating peers.
LightChain is a permissionless blockchain that provides addressable blocks and
transactions within the network, which makes them efficiently accessible by all
the peers. Each block and transaction is replicated within the DHT of peers and
is retrieved in an on-demand manner. Hence, peers in LightChain are not
required to retrieve or keep the entire blockchain. LightChain is fair as all
of the participating peers have a uniform chance of being involved in the
consensus regardless of their influence such as hashing power or stake.
LightChain provides a deterministic fork-resolving strategy as well as a
blacklisting mechanism, and it is secure against colluding adversarial peers
attacking the availability and integrity of the system. We provide mathematical
analysis and experimental results on scenarios involving 10K nodes to
demonstrate the security and fairness of LightChain. As we experimentally show
in this paper, compared to the mainstream blockchains like Bitcoin and
Ethereum, LightChain requires around 66 times less per node storage, and is
around 380 times faster on bootstrapping a new node to the system, while each
LightChain node is rewarded equally likely for participating in the protocol.
Peer-to-Peer EnergyTrade: A Distributed Private Energy Trading Platform
Blockchain is increasingly being used as a distributed, anonymous, trustless
framework for energy trading in smart grids. However, most of the existing
solutions suffer from reliance on Trusted Third Parties (TTP), lack of privacy,
and traffic and processing overheads. In our previous work, we have proposed a
Secure Private Blockchain-based framework (SPB) for energy trading to address
the aforementioned challenges. In this paper, we present a proof-of-concept
implementation of SPB on the Ethereum private network to demonstrate SPB's
applicability for energy trading. We benchmark SPB's performance against the
relevant state-of-the-art. The implementation results demonstrate that SPB
incurs lower overheads and monetary cost for end users to trade energy compared
to existing solutions.