69 research outputs found

    Design and evaluation of blockchain-based security protocols

    Many security protocols rely on the assumption that the trusted third party (TTP) will behave "as it should". However, this assumption is difficult to justify in the real world. A TTP may become malicious because of hidden interests or because it has been compromised, and it is publicly acknowledged that a failed TTP can easily destroy the entire security protocol. This thesis aims to provide results on how to use blockchain technologies to mitigate TTP challenges and thereby secure existing cryptographic protocols. Firstly, we formally define a smart contract-based TTP (denoted TTP-I) and give two security protocols based on this type of TTP as concrete instances. In this approach, a smart contract can either complement a TTP's actions or take over the entire functions of the existing TTP, which yields security properties such as transparency and accountability. Smart contracts, however, are not adequate to replace a TTP that must maintain secret information, since all the state changed by TTP-I is in plaintext and publicly accessible. To fill the gap, we propose another type of TTP (denoted TTP-II) that enables confidential executions by combining smart contracts and Trusted Execution Environments (TEEs). To achieve this goal, we first investigate the state-of-the-art TEE-aided confidential smart contracts and then explore their core mechanisms. We further apply TTP-II to a traceable credential system and an accountable decryption system; these systems are proved secure and feasible. However, since blockchain systems suffer from scalability and performance issues, the development of blockchain-based cryptographic protocols is inevitably held back. Finally, to build better blockchain systems, we provide two core mechanisms: a weak consensus algorithm and a delegatable payment protocol. The weak consensus algorithm allows parallel block generation, improving the performance and scalability of upper-layer blockchain systems. The delegatable payment protocol creates an offline payment channel, improving payment speed. Both proposed algorithms have been practically implemented and systematically evaluated. Notably, the weak consensus algorithm has already been adopted by industry. Video abstract: https://youtu.be/rkAatxBRau

    A privacy-preserving design for sharing demand-driven patient datasets over permissioned blockchains and P2P secure transfer

    Sharing patient datasets curated by health institutions is critical for advances in monitoring, surveillance and research. However, patient data is sensitive and can only be released under certain conditions and with prior explicit consent. Privacy-preserving data sharing provides techniques to distribute datasets while minimizing the risk of re-identifying patients. However, the sharing of datasets is typically done without considering the needs or requests of data consumers. Blockchain technologies provide an opportunity to gather those requests and to share and assemble datasets using privacy-preserving methods as the data and the anonymity requirements are matched. The architecture and design of such a solution is described, assuming an underlying permissioned blockchain network where providers such as healthcare institutions handle consent, patient preferences and anonymity guarantees, playing a mediator role to a network of organizations

    Expanding Blockchain Horizons through Privacy-Preserving Computation


    Bringing data minimization to digital wallets at scale with general-purpose zero-knowledge proofs

    Today, digital identity management for individuals is either inconvenient and error-prone or creates undesirable lock-in effects and violates privacy and security expectations. These shortcomings inhibit the digital transformation in general and seem particularly concerning in the context of novel applications such as access control for decentralized autonomous organizations and identification in the Metaverse. Decentralized or self-sovereign identity (SSI) aims to offer a solution to this dilemma by empowering individuals to manage their digital identity through machine-verifiable attestations stored in a "digital wallet" application on their edge devices. However, when presented to a relying party, these attestations typically reveal more attributes than required and allow tracking end users' activities. Several academic works and practical solutions exist to reduce or avoid such excessive information disclosure, from simple selective disclosure to data-minimizing anonymous credentials based on zero-knowledge proofs (ZKPs). We first demonstrate that the SSI solutions that are currently built with anonymous credentials still lack essential features such as scalable revocation, certificate chaining, and integration with secure elements. We then argue that general-purpose ZKPs in the form of zk-SNARKs can appropriately address these pressing challenges. We describe our implementation and conduct performance tests on different edge devices to illustrate that the performance of zk-SNARK-based anonymous credentials is already practical. We also discuss further advantages that general-purpose ZKPs can easily provide for digital wallets, for instance, to create "designated verifier presentations" that facilitate new design options for digital identity infrastructures that previously were not accessible because of the threat of man-in-the-middle attacks

    Invoice factoring through blockchain technology

    (English) Invoice factoring has been a popular way to provide cash flow for businesses. The primary function of a factoring system is to prevent an invoice from being factored twice. To prevent double factoring, many factoring ecosystems use one or several centralized entities to register factoring agreements. However, this puts a lot of power in the hands of these centralized entities and makes it difficult for users to dispute situations in which factoring data is unavailable, wrongly recorded, or manipulated through negligence or on purpose. This thesis presents our research on the current problems of invoice factoring and our new solutions for this process using blockchain technology. A public blockchain can keep a permanent, secure, ordered and transparent record of transactions that is available for everyone to view and verify at any time. In this thesis, we start by proposing a base solution and gradually enhance it. In the base protocol, we propose an architecture for invoice registration on a general blockchain. The blockchain platform builds trust between the parties by executing transactions correctly. We employ a smart contract to complete the registration process and prevent double factoring. The smart contract provides for auditing and dispute resolution in such a way that privacy is protected and relevant information is always available. In the second protocol, we add a relayer to our architecture for easier on-boarding. Only the relayer is required to submit blockchain transactions and pay the corresponding fees; other participants can proxy their transactions through the relayer and pay the relayer in fiat money. We also enhance our identity management and authentication using verifiable credentials (VCs) in order to better comply with Know-Your-Customer (KYC) regulation. In fact, in this architecture, participants use their decentralized identifiers (DIDs) and the DIDComm protocol for asynchronous and secure off-chain interactions. In the final protocol, we greatly enhance our smart contract with respect to the conditions it checks before registering an invoice factoring. We integrate non-interactive zero-knowledge proofs and cryptographic commitments into our solution. With these cryptographic tools in place, we can prevent a special type of denial-of-service (DoS) attack and better verify invoice details without compromising privacy. Our protocols are very efficient in terms of blockchain costs. In particular, we need only one transaction to register an invoice factoring, and most of the details are recorded in low-cost blockchain storage. Our evaluations and comparison with the literature reveal that our protocols are superior to related work with respect to efficiency, security, privacy, and ease of use.
    (Català, translated) The sale of invoices, or "invoice factoring", has been a popular way of providing cash flow to businesses. The main function of an invoice factoring system is to prevent an invoice from being sold twice. To prevent double selling, many factoring ecosystems use centralized entities to register invoice sale agreements. This, however, places a great deal of power in the hands of these centralized entities and makes it difficult for users to challenge or contest situations in which the sale data is unavailable, recorded erroneously, or manipulated, whether through negligence or on purpose. This thesis presents our research on the current problems of invoice sale registration systems and our novel solutions for this process using "blockchain" technology. By means of a public blockchain, a permanent, secure, ordered and transparent record of transactions can be kept that is available to everyone at any time to be observed and verified. In the thesis, we start by proposing a base solution and gradually extend and improve it. The first proposal is a protocol that uses a blockchain-based architecture. The blockchain platform generates trust between the parties since it guarantees the correct execution of transactions. In this sense, we use a smart contract to complete the registration process and prevent double selling. The smart contract allows auditing and dispute resolution in a way that protects privacy and keeps the relevant information always available. In the second protocol, we add a "relay" to our architecture to make it easier for users to join the system. The relay is the only party that sends transactions to the blockchain and pays the corresponding fees. The other participants can delegate the sending of their transactions to the relay and pay with fiat money. In this proposal we also improve identity management and authentication using the concept of verifiable credentials (VC) in order to better comply with the "Know Your Customer" (KYC) regulation. In fact, in this architecture, participants use their decentralized identifiers (DIDs) and the DIDComm protocol for asynchronous and secure off-chain interactions. In the final protocol, we greatly improve our smart contract with respect to the conditions it checks before registering an invoice sale. In this last solution, we integrate non-interactive zero-knowledge proofs (ZKPs) and cryptographic commitments. With these tools, we can prevent a special type of denial-of-service (DoS) attack and better verify invoice details without compromising privacy. Our protocols are very efficient in terms of fee costs. In particular, we need only one transaction to register an invoice, and most of the details are recorded in low-cost blockchain storage. Our evaluations and comparison with the literature reveal that our protocols are superior to related work with respect to efficiency, security, privacy and ease of use.
