A Survey on PoW-based Consensus

We provide a historical overview of proof-of-work techniques and the fields in which it plunges its roots. We are interested in PoW-techniques applied to blockchain technology and therefore we survey the state-of-the-art protocols employing these methods for consensus algorithms, emphasizing the differences between the efficient hashcash systems and the promising bread pudding protocols. Afterwards, the consensus mechanisms are discussed and some interesting known attacks to these algorithms are collected and classified according to their underlying ideas

On Non-Parallelizable Deterministic Client Puzzle Scheme with Batch Verification Modes

A (computational) client puzzle scheme enables a client to prove to a server that a certain amount of computing resources (CPU cycles and/or Memory look-ups) has been dedicated to solve a puzzle. Researchers have identified a number of potential applications, such as constructing timed cryptography, fighting junk emails, and protecting critical infrastructure from DoS attacks. In this paper, we first revisit this concept and formally define two properties, namely deterministic computation and parallel computation resistance. Our analysis show that both properties are crucial for the effectiveness of client puzzle schemes in most application scenarios. We prove that the RSW client puzzle scheme, which is based on the repeated squaring technique, achieves both properties. Secondly, we introduce two batch verification modes for the RSW client puzzle scheme in order to improve the verification efficiency of the server, and investigate three methods for handling errors in batch verifications. Lastly, we show that client puzzle schemes can be integrated with reputation systems to further improve the effectiveness in practice

CommitCoin: Carbon Dating Commitments with Bitcoin

Abstract. In the standard definition of a commitment scheme, the sender commits to a message and immediately sends the commitment to the recipient interested in it. However the sender may not always know at the time of commitment who will become interested in verifying it. Further, when the interested party does emerge, it could be critical to establish when the commitment was made. Employing a proof of work protocol at commitment time will later allow anyone to “carbon date ” when the commitment was made, approximately, without trusting any external parties. We present CommitCoin, an instantiation of this approach that harnesses the existing processing power of the Bitcoin peer-to-peer network; a network used to mint and trade digital cash. 1 Introductory Remarks Consider the scenario where Alice makes an important discovery. It is important to her that she receives recognition for her breakthrough, however she would also like to keep it a secret until she can establish a suitable infrastructure for monetizing it. By forgoing publication of her discovery, she risks Bob independently making the same discovery and publicizing it as his own. Folklore suggests that Alice might mail herself a copy of her discovery and leave the letter sealed, with the postal service’s timestamp intact, for a later resolution time. If Bob later claims the same discovery, th

Foundations, Properties, and Security Applications of Puzzles: A Survey

Cryptographic algorithms have been used not only to create robust ciphertexts but also to generate cryptograms that, contrary to the classic goal of cryptography, are meant to be broken. These cryptograms, generally called puzzles, require the use of a certain amount of resources to be solved, hence introducing a cost that is often regarded as a time delay---though it could involve other metrics as well, such as bandwidth. These powerful features have made puzzles the core of many security protocols, acquiring increasing importance in the IT security landscape. The concept of a puzzle has subsequently been extended to other types of schemes that do not use cryptographic functions, such as CAPTCHAs, which are used to discriminate humans from machines. Overall, puzzles have experienced a renewed interest with the advent of Bitcoin, which uses a CPU-intensive puzzle as proof of work. In this paper, we provide a comprehensive study of the most important puzzle construction schemes available in the literature, categorizing them according to several attributes, such as resource type, verification type, and applications. We have redefined the term puzzle by collecting and integrating the scattered notions used in different works, to cover all the existing applications. Moreover, we provide an overview of the possible applications, identifying key requirements and different design approaches. Finally, we highlight the features and limitations of each approach, providing a useful guide for the future development of new puzzle schemes.Comment: This article has been accepted for publication in ACM Computing Survey

Puzzles criptográficos : implementación y evaluación

En este Proyecto Fin de Carrera se implementan y evalúan diferentes aplicaciones de los protocolos de pruebas de esfuerzo, también conocidos como puzzles criptográficos, que se han propuesto hasta la fecha como solución a ataques como el spam, en redes peer-to-peer, redes vehiculares, e incluso en tecnología RFID (Radio Frecuency Identification). Para ello, se va a comprobar la viabilidad de algoritmos criptográficos tales como el TEA (Tiny Encryption Algorithm) y el AES (Advanced Encryption Standard) como base de las pruebas de esfuerzo computacional. En el escenario de los RFID, por ejemplo, los puzzles criptográficos implementados pretenden aliviar algunos de los problemas relacionados con la privacidad de la información almacenada en las etiquetas RFID. Los puzzles desarrollados otorgan mayor seguridad ya que en ningún momento la etiqueta transmitirá su identificador en claro. En su lugar, la etiqueta cifrará la suma XOR del identificador (ID) y el número aleatorio (n). A continuación se la enviará al lector junto con la función resumen del identificador, una parte de la clave de cifrado (ks), y el número aleatorio (n). Formando todo ello el puzzle criptográfico Puzzle=enck(ID (+) n), h(ID), ks, n. El lector deberá resolver este puzzle invirtiendo de esta manera tiempo y recursos computacionales para poder obtener el identificador de la etiqueta y acceder así a su información almacenada en base de datos. _______________________________________________________________________________________________________________________________In this project, different applications of proof of work protocols are implemented, also known as cryptographic puzzles, which have been proposed to combat attacks like spam in peer-topeer networks, vehicular networks, and even in RFID technology (Radio Frequency Identification). In this regard, we focus on evaluating the feasibility of cryptographic algorithms such as TEA (Tiny Encryption Algorithm) and AES (Advanced Encryption Standard) as the basis for testing computational proofs of work protocol in resource-constraint scenarios. For example, assuming a RFID scenario, our cryptographic puzzles aim at alleviating some of the problems related to the privacy of the information stored in RFID tags. Moreover, our developed puzzle-based protocol provides security because of the tag will never transmit its identifier in clear. Instead, tags will encrypt the identifier (ID) XOR a nonce (n) using an encryption key (ks). Thus, it will be sent to the reader together with the hash of the identifier, a part of the encryption key (l-bits of ks), and the nonce (n). All these parts make the cryptographic puzzle: Puzzle=enck(ID (+) n), h(ID), ks, n Reader should solve this puzzle so investing time and computational resources in order to get tags’ identifiers and thereby gaining access to the information stored in the database.Ingeniería en Informátic

Achieving network resiliency using sound theoretical and practical methods

Computer networks have revolutionized the life of every citizen in our modern intercon- nected society. The impact of networked systems spans every aspect of our lives, from financial transactions to healthcare and critical services, making these systems an attractive target for malicious entities that aim to make financial or political profit. Specifically, the past decade has witnessed an astounding increase in the number and complexity of sophisti- cated and targeted attacks, known as advanced persistent threats (APT). Those attacks led to a paradigm shift in the security and reliability communities’ perspective on system design; researchers and government agencies accepted the inevitability of incidents and malicious attacks, and marshaled their efforts into the design of resilient systems. Rather than focusing solely on preventing failures and attacks, resilient systems are able to maintain an acceptable level of operation in the presence of such incidents, and then recover gracefully into normal operation. Alongside prevention, resilient system design focuses on incident detection as well as timely response. Unfortunately, the resiliency efforts of research and industry experts have been hindered by an apparent schism between theory and practice, which allows attackers to maintain the upper hand advantage. This lack of compatibility between the theory and practice of system design is attributed to the following challenges. First, theoreticians often make impractical and unjustifiable assumptions that allow for mathematical tractability while sacrificing accuracy. Second, the security and reliability communities often lack clear definitions of success criteria when comparing different system models and designs. Third, system designers often make implicit or unstated assumptions to favor practicality and ease of design. Finally, resilient systems are tested in private and isolated environments where validation and reproducibility of the results are not publicly accessible. In this thesis, we set about showing that the proper synergy between theoretical anal- ysis and practical design can enhance the resiliency of networked systems. We illustrate the benefits of this synergy by presenting resiliency approaches that target the inter- and intra-networking levels. At the inter-networking level, we present CPuzzle as a means to protect the transport control protocol (TCP) connection establishment channel from state- exhaustion distributed denial of service attacks (DDoS). CPuzzle leverages client puzzles to limit the rate at which misbehaving users can establish TCP connections. We modeled the problem of determining the puzzle difficulty as a Stackleberg game and solve for the equilibrium strategy that balances the users’ utilizes against CPuzzle’s resilience capabilities. Furthermore, to handle volumetric DDoS attacks, we extend CPuzzle and implement Midgard, a cooperative approach that involves end-users in the process of tolerating and neutralizing DDoS attacks. Midgard is a middlebox that resides at the edge of an Internet service provider’s network and uses client puzzles at the IP level to allocate bandwidth to its users. At the intra-networking level, we present sShield, a game-theoretic network response engine that manipulates a network’s connectivity in response to an attacker who is moving laterally to compromise a high-value asset. To implement such decision making algorithms, we leverage the recent advances in software-defined networking (SDN) to collect logs and security alerts about the network and implement response actions. However, the programma- bility offered by SDN comes with an increased chance for design-time bugs that can have drastic consequences on the reliability and security of a networked system. We therefore introduce BiFrost, an open-source tool that aims to verify safety and security proper- ties about data-plane programs. BiFrost translates data-plane programs into functionally equivalent sequential circuits, and then uses well-established hardware reduction, abstrac- tion, and verification techniques to establish correctness proofs about data-plane programs. By focusing on those four key efforts, CPuzzle, Midgard, sShield, and BiFrost, we believe that this work illustrates the benefits that the synergy between theory and practice can bring into the world of resilient system design. This thesis is an attempt to pave the way for further cooperation and coordination between theoreticians and practitioners, in the hope of designing resilient networked systems