PERANCANGAN DAN IMPLEMENTASI SMART CONTRACT PADA SISTEM VERIFIKASI DOKUMEN BERBASIS ZERO KNOWLEDGE PROOF (ZKP) PADA BLOCKCHAIN POLYGON

Blockchain merupakan sistem terdesentralisasi yang terbuka yang dapat dimanfaatkan untuk melakukan pelacakan dan verifikasi keaslian dokumen. Sifat keterbukaan tersebut menjadi masalah jika isi dari dokumen bersifat rahasia atau dilindungi oleh undang-undang perlindungan data pribadi. Dalam penelitian ini, sebuah sistem verifikasi dokumen berbasis Blockchain dirancang dengan memanfaatkan algoritma ZKP (Zero Knowledge Proof) yang diimplementasikan dalam sebuah Smart Contract pada jaringan Blockchain Polygon. Algoritma ZKP melindungi informasi yang bersifat rahasia tetapi dapat diverifikasi kebenaran dan keasliannya oleh pihak yang berkepentinga tanpa menguak informasi tersebut. Penelitian ini melibatkan perancangan smart contract yang terdiri dari fungsi-fungsi untuk mengatur proses verifikasi dokumen, serta implementasi sistem verifikasi dokumen yang terintegrasi dengan Smart Contract. Hasil penelitian menunjukkan bahwa sistem yang dibangun dapat meningkatkan keamanan proses pelacakan dokumen dengan tidak menguak isi dokumen yang bersifat rahasia dan dilindungi oleh undang-undang

A blockchain approach for decentralized V2X (D-V2X)

New mobility paradigms have appeared in recent years, and everything suggests that some more are coming. This fact makes apparent the necessity of modernizing the road infrastructure, the signalling elements and the traffic management systems. Many initiatives have emerged around the term Intelligent Transport System (ITS) in order to define new scenarios and requirements for this kind of applications. We even have two main competing technologies for implementing Vehicular communication protocols (V2X), C-V2X and 802.11p, but neither of them is widely deployed yet. One of the main barriers for the massive adoption of those technologies is governance. Current solutions rely on the use of a public key infrastructure that enables secure collaboration between the different entities in the V2X ecosystem, but given its global scope, managing such infrastructure requires reaching agreements between many parties, with conflicts of interest between automakers and telecommunication operators. As a result, there are plenty of use cases available and two mature communication technologies, but the complexity at the business layer is stopping the drivers from taking advantage of ITS applications. Blockchain technologies are defining a new decentralized paradigm for most traditional applications, where smart contracts provide a straightforward mechanism for decentralized governance. In this work, we propose an approach for decentralized V2X (D-V2X) that does not require any trusted authority and can be implemented on top of any communication protocol. We also define a proof-of-concept technical architecture on top of a cheap and highly secure System-on-Chip (SoC) that could allow for massive adoption of D-V2X.10.13039/501100011011-Junta de Andalucía (Grant Number: P18-TP-3724) 10.13039/501100004837-Ministerio de Ciencia e Innovación (Grant Number: PID2019-110565RB-I00

T3AB: Transparent and Trustworthy Third-party Authority using Blockchain

Increasingly, information systems rely on computational, storage, and network resources deployed in third-party facilities or are supported by service providers. Such an approach further exacerbates cybersecurity concerns constantly raised by numerous incidents of security and privacy attacks resulting in data leakage and identity theft, among others. These have in turn forced the creation of stricter security and privacy related regulations and have eroded the trust in cyberspace. In particular, security related services and infrastructures such as Certificate Authorities (CAs) that provide digital certificate service and Third-Party Authorities (TPAs) that provide cryptographic key services, are critical components for establishing trust in Internet enabled applications and services. To address such trust issues, various transparency frameworks and approaches have been recently proposed in the literature. In this paper, we propose a Transparent and Trustworthy TPA using Blockchain (T3AB) to provide transparency and accountability to the trusted third-party entities, such as honest-but-curious third-party IaaS servers, and coordinators in various privacy-preserving machine learning (PPML) approaches. T3AB employs the Ethereum blockchain as the underlying public ledger and also includes a novel smart contract to automate accountability with an incentive mechanism that motivates participants' to participate in auditing, and punishes unintentional or malicious behaviors. We implement T3AB, and show through experimental evaluation in the Ethereum official test network, Rinkeby, that the framework is efficient. We also formally show the security guarantee provided by T3AB, and analyze the privacy guarantee and trustworthiness it provides

Enhancing transaction verification through pruned merkle tree in blockchain

A Merkle tree is a data structure employed within Blockchain technology to securely verify information or transactions within a vast data collection. This paper proposes a new and improved verification method, Pruned Merkle Tree (PMT), for hash nodes marching to the Merkle Root in a Minimal duration. PMT is a unique mechanism for verifying unpaired transactions in a block. The future influence of cryptocurrency will be immense, and PMT showcases its effectiveness in terms of transaction speed and node repetition. Our method allows any block to validate the full availability of transactions without repeating hash nodes and focuses on improving the transaction process through the Pruned Merkle Tree and achieving remarkable results. To assess the performance of the proposed system, we used Hyperledger Caliper, a benchmarking tool specifically designed for measuring the performance of Hyperledger-based blockchain solutions. The evaluation results show a significant improvement in throughput, with a value of 30450kbps recorded. The processing time has also increased noticeably, reaching 1660ms. Security measures have also been strengthened, yielding an impressive 99.60%. The energy consumption factor plays a crucial role, and the PMT exhibits the lowest value at 235 joules. Keywords: Blockchain, Merkle Tree, Pruned Merkle Tree, Security, Transaction Verificatio

KORGAN: An Efficient PKI Architecture Based on PBFT Through Dynamic Threshold Signatures

The file attached to this record is the author's final peer reviewed version.During the last decade, several misbehaving Certificate Authorities (CA) have issued fraudulent TLS certificates allowing MITM kinds of attacks which result in serious security incidents. In order to avoid such incidents, Yakubov et al. recently proposed a new PKI architecture where CAs issue, revoke, and validate X.509 certificates on a public blockchain. However, in their proposal TLS clients are subject to MITM kinds of attacks and certificate transparency is not fully provided. In this paper, we eliminate the issues of the Yakubov et al.’s scheme and propose a new PKI architecture based on permissioned blockchain with PBFT consensus mechanism where the consensus nodes utilize a dynamic threshold signature scheme to generate signed blocks. In this way, the trust to the intermediary entities can be completely eliminated during certificate validation. Our scheme enjoys the dynamic property of the threshold signature because TLS clients do not have to change the verification key even if the validator set is dynamic. We implement our proposal on private Ethereum network to demonstrate the experimental results. The results show that our proposal has negligible overhead during TLS handshake. The certificate validation duration is less than the duration in the conventional PKI and Yakubov et al.’s scheme

Merkle^2: A Low-Latency Transparency Log System

Transparency logs are designed to help users audit untrusted servers. For example, Certificate Transparency (CT) enables users to detect when a compromised Certificate Authority (CA) has issued a fake certificate. Practical state-of-the-art transparency log systems, however, suffer from high monitoring costs when used for low-latency applications. To reduce monitoring costs, such systems often require users to wait an hour or more for their updates to take effect, inhibiting low-latency applications. We propose $\text{Merkle}^2$, a transparency log system that supports both efficient monitoring and low-latency updates. To achieve this goal, we construct a new multi-dimensional, authenticated data structure that nests two types of Merkle trees, hence the name of our system, $\text{Merkle}^2$. Using this data structure, we then design a transparency log system with efficient monitoring and lookup protocols that enables low-latency updates. In particular, all the operations in $\text{Merkle}^2$ are independent of update intervals and are (poly)logarithmic to the number of entries in the log. $\text{Merkle}^2$ not only has excellent asymptotics when compared to prior work, but is also efficient in practice. Our evaluation shows that $\text{Merkle}^2$ propagates updates in as little as 1 second and can support 100× more users than state-of-the-art transparency logs