Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.
Comment: 20 pages, 7 figures
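The commit/challenge/response rounds the abstract alludes to, reduced to code. This is an added illustration, not the CoSi authors' prototype: it uses a toy 64-bit Schnorr group generated at import time (insecure, chosen only so that the test assertions are deterministic), runs every witness inside one process, and models a witness that "does not immediately find S erroneous" by a `refusing` set whose members simply contribute nothing. The participation `mask` plays the role of the bitmask a real CoSi signature carries; the tree is a nested tuple `(witness_id, [subtrees])`.

```python
import hashlib
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    """Deterministic Miller-Rabin; these bases are exact for n < 2**64."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def make_group(bits=62):
    """Smallest safe prime P = 2Q + 1 with Q >= 2**bits; G = 4 has order Q.
    Toy parameters (assumption): a deployment would use Ed25519 or similar."""
    q = (1 << bits) | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4


P, Q, G = make_group()


def keygen():
    """Per-witness long-term key pair (x_i, X_i = G^x_i)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def challenge(V, X, statement):
    """c = H(aggregate commitment, aggregate key, statement) mod Q."""
    h = hashlib.sha256(V.to_bytes(8, "big") + X.to_bytes(8, "big") + statement)
    return int.from_bytes(h.digest(), "big") % Q


def aggregate_key(pubkeys, mask):
    """Product of the public keys of exactly the witnesses that signed."""
    X = 1
    for wid in sorted(mask):
        X = X * pubkeys[wid] % P
    return X


def cosign(tree, keys, statement, refusing=frozenset()):
    """Run the rounds over the tree; keys maps witness id -> (x_i, X_i).
    Returns (V, r, mask): aggregate commitment, aggregate response, signers."""
    nonces = {}

    def commit(node):                     # bottom-up: product of V_i = G^v_i
        wid, children = node
        V = 1
        if wid not in refusing:
            nonces[wid] = secrets.randbelow(Q - 1) + 1
            V = pow(G, nonces[wid], P)
        for child in children:
            V = V * commit(child) % P
        return V

    V = commit(tree)
    mask = frozenset(nonces)
    pubkeys = {wid: X for wid, (_, X) in keys.items()}
    c = challenge(V, aggregate_key(pubkeys, mask), statement)  # root sends c down

    def respond(node):                    # bottom-up: sum of r_i = v_i - c*x_i
        wid, children = node
        r = (nonces[wid] - c * keys[wid][0]) % Q if wid in nonces else 0
        for child in children:
            r = (r + respond(child)) % Q
        return r

    return V, respond(tree), mask


def verify(pubkeys, statement, sig, min_witnesses):
    """Client check without any communication: G^r * X^c == V, and enough
    witnesses from the client's pinned list must have signed."""
    V, r, mask = sig
    if len(mask) < min_witnesses or not mask.issubset(pubkeys):
        return False
    X = aggregate_key(pubkeys, mask)
    return pow(G, r, P) * pow(X, challenge(V, X, statement), P) % P == V


if __name__ == "__main__":
    # Constructed scenario: seven witnesses in a depth-2 tree rooted at 0.
    keys = {wid: keygen() for wid in range(7)}
    pub = {wid: X for wid, (_, X) in keys.items()}
    tree = (0, [(1, [(3, []), (4, [])]), (2, [(5, []), (6, [])])])
    head = b"timestamp-log-head:constructed-sample"
    sig = cosign(tree, keys, head)
    print("7 of 7 signed, policy >= 7:", verify(pub, head, sig, 7))
    part = cosign(tree, keys, head, refusing={4, 6})
    print("5 of 7 signed, policy >= 5:", verify(pub, head, part, 5))
    print("5 of 7 signed, policy >= 6:", verify(pub, head, part, 6))
```

Two things the toy makes visible that matter in practice. The verifier recomputes the aggregate key from the mask, so a client must obtain the full witness key list from a trusted, fixed source and decide its own threshold; a signature that lists fewer signers than the policy requires is rejected even though it verifies algebraically. And plain product-of-keys aggregation is only safe when every witness key is registered with a proof of possession (or the challenge is bound to each key), otherwise a malicious witness can choose a key that cancels the others out; the toy assumes the key list was vetted that way.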
Centrally Banked Cryptocurrencies
Current cryptocurrencies, starting with Bitcoin, build a decentralized
blockchain-based transaction ledger, maintained through proofs-of-work that
also generate a monetary supply. Such decentralization has benefits, such as
independence from national political control, but also significant limitations
in terms of scalability and computational cost. We introduce RSCoin, a
cryptocurrency framework in which central banks maintain complete control over
the monetary supply, but rely on a distributed set of authorities, or
mintettes, to prevent double-spending. While monetary policy is centralized,
RSCoin still provides strong transparency and auditability guarantees. We
demonstrate, both theoretically and experimentally, the benefits of a modest
degree of centralization, such as the elimination of wasteful hashing and a
scalable system for avoiding double-spending attacks.
Comment: 15 pages, 4 figures, 2 tables; in Proceedings of NDSS 201
FASTM: a log-based hardware transactional memory with fast abort recovery
Version management, one of the key design dimensions of Hardware Transactional Memory (HTM) systems, defines where and how transactional modifications are stored. Current HTM systems use either eager or lazy version management. Eager systems that keep new values in-place while they hold old values in a software log, suffer long delays when aborts are frequent because the pre-transactional state is recovered by software. Lazy systems that buffer new values in specialized hardware offer complex and inefficient solutions to handle hardware overflows, which are common in applications with coarse-grain transactions. In this paper, we present FASTM, an eager log-based HTM that takes advantage of the processor’s cache hierarchy to provide fast abort recovery. FASTM uses a novel coherence protocol to buffer the transactional modifications in the first level cache and to keep the non-speculative values in the higher levels of the memory hierarchy. This mechanism allows fast abort recovery of transactions that do not overflow the first level cache resources. Contrary to lazy HTM systems, committing transactions do not have to perform any actions in order to make their results visible to the rest of the system. FASTM keeps the pre-transactional state in a software-managed log as well, which permits the eviction of speculative values and enables transparent execution even in the case of cache overflow. This approach simplifies eviction policies without degrading performance, because it only falls back to a software abort recovery for transactions whose modified state has overflowed the cache. Simulation results show that FASTM achieves a speed-up of 43% compared to LogTM-SE, improving the scalability of applications with coarse-grain transactions and obtaining similar performance to an ideal eager HTM with zero-cost abort recovery.
Peer reviewed. Postprint (published version)
Version Control in Online Software Repositories
Software version control repositories provide a uniform and stable interface to manage documents and their version histories. Unfortunately, open-source systems such as CVS, Subversion, and GNU Arch are not well suited to highly collaborative environments and fail to track semantic changes in repositories. We introduce document provenance, a Description Logic framework, to track the semantic changes in software repositories and draw interesting conclusions about their historical behaviour using a rule-based inference engine. To support the use of this framework, we have developed our own online collaborative tool, leveraging the fluency of the modern WikiWikiWeb.
ClaimChain: Improving the Security and Privacy of In-band Key Distribution for Messaging
The social demand for email end-to-end encryption is barely supported by
mainstream service providers. Autocrypt is a new community-driven open
specification for e-mail encryption that attempts to respond to this demand. In
Autocrypt the encryption keys are attached directly to messages, and thus the
encryption can be implemented by email clients without any collaboration of the
providers. The decentralized nature of this in-band key distribution, however,
makes it prone to man-in-the-middle attacks and can leak the social graph of
users. To address this problem we introduce ClaimChain, a cryptographic
construction for privacy-preserving authentication of public keys. Users store
claims about their identities and keys, as well as their beliefs about others,
in ClaimChains. These chains form authenticated decentralized repositories that
enable users to prove the authenticity of both their keys and the keys of their
contacts. ClaimChains are encrypted, and therefore protect the stored
information, such as keys and contact identities, from prying eyes. At the same
time, ClaimChain implements mechanisms to provide strong non-equivocation
properties, discouraging malicious actors from distributing conflicting or
inauthentic claims. We implemented ClaimChain and we show that it offers
reasonable performance, low overhead, and authenticity guarantees.
Comment: Appears in the 2018 Workshop on Privacy in the Electronic Society (WPES'18)
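The two properties the abstract names, an authenticated repository of claims and non-equivocation, reduced to a small model. This is an added illustration, not the ClaimChain authors' implementation: real ClaimChain derives claim labels with a VRF and encrypts claim bodies so only holders of a capability can read them; here labels are HMACs under an owner secret (an assumption) and bodies are stored in the clear, so the example shows how contacts stay hidden from third parties and how two conflicting views of one chain are caught, but not the encryption layer.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64


def block_hash(body):
    """Hash of the canonical JSON encoding of a block body (without 'hash')."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def capability(owner_secret, contact):
    """Blinded label under which the owner files its claim about `contact`.
    The owner hands this to readers allowed to find that claim; everyone else
    sees only opaque labels, so the contact list does not leak."""
    return hmac.new(owner_secret, contact.encode(), "sha256").hexdigest()


class ClaimChain:
    def __init__(self, owner, owner_secret):
        self.owner = owner
        self.secret = owner_secret            # assumption: per-owner random secret
        self.blocks = []

    def head(self):
        return self.blocks[-1]["hash"] if self.blocks else GENESIS

    def append(self, own_key, beliefs, cross_refs=None):
        """New block: the owner's current key, claims about contacts' keys
        (filed under blinded labels) and the heads of other chains the owner
        has seen, which pin those chains so their owners cannot rewrite them."""
        body = {
            "index": len(self.blocks),
            "prev": self.head(),
            "owner": self.owner,
            "key": own_key,
            "claims": {capability(self.secret, c): k for c, k in beliefs.items()},
            "cross_refs": dict(cross_refs or {}),
        }
        body["hash"] = block_hash(body)
        self.blocks.append(body)
        return body


def verify_chain(blocks):
    """Every block must hash correctly and link to its predecessor."""
    prev = GENESIS
    for i, b in enumerate(blocks):
        body = {k: v for k, v in b.items() if k != "hash"}
        if b["index"] != i or b["prev"] != prev or block_hash(body) != b["hash"]:
            return False
        prev = b["hash"]
    return True


def lookup(blocks, cap):
    """Most recent claim reachable with a capability, or None."""
    for b in reversed(blocks):
        if cap in b["claims"]:
            return b["claims"][cap]
    return None


def equivocation_point(view_a, view_b):
    """Index of the first block where two views of one chain disagree; None if
    one view is simply a prefix of the other.  Two contacts who each hold a
    view (or who cross-referenced the heads) run this to expose a forking owner."""
    for a, b in zip(view_a, view_b):
        if a["hash"] != b["hash"]:
            return a["index"]
    return None
```

The non-equivocation argument is the last function: once Bob has recorded Alice's head in his own chain, Alice cannot later show Carol a different block at that index without the two views disagreeing at a detectable point, which is what makes distributing inconsistent claims risky for the attacker.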
FastPay: High-Performance Byzantine Fault Tolerant Settlement
FastPay allows a set of distributed authorities, some of which are Byzantine,
to maintain a high-integrity and availability settlement system for pre-funded
payments. It can be used to settle payments in a native unit of value
(crypto-currency), or as a financial side-infrastructure to support retail
payments in fiat currencies. FastPay is based on Byzantine Consistent Broadcast
as its core primitive, foregoing the expenses of full atomic commit channels
(consensus). The resulting system has low-latency for both confirmation and
payment finality. Remarkably, each authority can be sharded across many
machines to allow unbounded horizontal scalability. Our experiments demonstrate
intra-continental confirmation latency of less than 100ms, making FastPay
applicable to point of sale payments. In laboratory environments, we achieve
over 80,000 transactions per second with 20 authorities---surpassing the
requirements of current retail card payment networks, while significantly
increasing their robustness.
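The mechanism behind "Byzantine Consistent Broadcast instead of consensus", shown as a small settlement model: a client broadcasts a transfer order, each authority independently checks the sender's balance and sequence number, locks the account on that order and signs, and a certificate of 2f+1 signatures out of 3f+1 authorities is what settles the payment. This is an added illustration, not the FastPay authors' code; HMACs over per-authority keys that the verifier can see stand in for signatures (an assumption), and the scenario, including the one Byzantine authority that signs anything, is constructed.

```python
import hashlib
import hmac
import json
import secrets


def digest(order):
    return hashlib.sha256(json.dumps(order, sort_keys=True).encode()).digest()


def quorum(n):
    """With n = 3f + 1 authorities, 2f + 1 signatures form a certificate."""
    return 2 * ((n - 1) // 3) + 1


class Authority:
    """One honest authority.  It never talks to the other authorities; its
    balances and sequence numbers are a local view that certificates update."""

    def __init__(self, name, balances):
        self.name = name
        self.key = secrets.token_bytes(32)         # stand-in signing key (assumption)
        self.balances = dict(balances)              # pre-funded accounts
        self.next_seq = {acct: 0 for acct in balances}
        self.locks = {}                             # sender -> digest of pending order

    def sign(self, order):
        """Phase 1: validate, lock the sender on this order, return a signature."""
        sender, d = order["from"], digest(order)
        if sender not in self.balances or order["to"] not in self.balances:
            return None
        if self.locks.get(sender, d) != d:          # a different order is pending
            return None
        if order["seq"] != self.next_seq[sender]:
            return None
        if not 0 < order["amount"] <= self.balances[sender]:
            return None
        self.locks[sender] = d
        return (self.name, hmac.new(self.key, d, "sha256").digest())

    def confirm(self, cert, authorities):
        """Phase 2: apply a certified order.  Replays are rejected by the
        sequence number, so delivering a certificate twice is harmless."""
        order, _ = cert
        sender = order["from"]
        if not valid_certificate(cert, authorities):
            return False
        if order["seq"] != self.next_seq[sender]:
            return False
        self.balances[sender] -= order["amount"]
        self.balances[order["to"]] += order["amount"]
        self.next_seq[sender] += 1
        self.locks.pop(sender, None)
        return True


class ByzantineAuthority(Authority):
    """Models one of the f faulty authorities: signs anything it is shown."""

    def sign(self, order):
        return (self.name, hmac.new(self.key, digest(order), "sha256").digest())


def valid_certificate(cert, authorities):
    """At least a quorum of distinct, verifying signatures over the same order."""
    order, sigs = cert
    d = digest(order)
    good = set()
    for name, mac in sigs:
        if name in authorities:
            expected = hmac.new(authorities[name].key, d, "sha256").digest()
            if hmac.compare_digest(mac, expected):
                good.add(name)
    return len(good) >= quorum(len(authorities))


def collect(order, targets, authorities):
    """Client side: send the order to `targets`, keep the signatures that come
    back, and return a certificate if they reach a quorum, else None."""
    sigs = [s for s in (authorities[t].sign(order) for t in targets) if s]
    cert = (order, sigs)
    return cert if valid_certificate(cert, authorities) else None
```

The double-spend case is the reason the locks exist: with four authorities (f = 1) a client that shows order A to two honest authorities plus the Byzantine one and a conflicting order B to the third honest one gets a certificate for A only, and any later attempt to certify B fails because the two authorities locked on A refuse it; two quorums of 2f+1 always share an honest authority, so at most one of the conflicting orders can ever be certified.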
Study of consensus protocols and improvement of the Federated Byzantine Agreement (FBA) algorithm
Blockchain technology has by now substantially influenced the way people interact in the digital world. Blockchain systems allow peers to carry out digital transactions directly over a peer-to-peer (P2P) network, without the need for third parties. Each blockchain defines its own rules for recording transactions in the ledger. Transactions are grouped into blocks, and each block in turn is appended to the chain (the ledger) according to one of several consensus algorithms. Once a block has been appended to the chain, consensus on it has been reached and the block and its transactions are considered immutable. This thesis analyses the main features of the blockchain and how consensus can be achieved through the different kinds of consensus algorithms. In addition, a detailed reference for the Stellar and Federated Byzantine Agreement (FBA) consensus protocols is given in order to explain these algorithms, their limitations, and how they can be improved. Developing a reputation mechanism is necessary to improve the above algorithms.