2,263 research outputs found
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
Contour: A Practical System for Binary Transparency
Transparency is crucial in security-critical applications that rely on
authoritative information, as it provides a robust mechanism for holding these
authorities accountable for their actions. A number of solutions have emerged
in recent years that provide transparency in the setting of certificate
issuance, and Bitcoin provides an example of how to enforce transparency in a
financial setting. In this work we shift to a new setting, the distribution of
software package binaries, and present a system for so-called "binary
transparency." Our solution, Contour, uses proactive methods for providing
transparency, privacy, and availability, even in the face of persistent
man-in-the-middle attacks. We also demonstrate, via benchmarks and a test
deployment for the Debian software repository, that Contour is the only system
for binary transparency that satisfies the efficiency and coordination
requirements that would make it possible to deploy today.Comment: International Workshop on Cryptocurrencies and Blockchain Technology
(CBT), 201
Blockchain Solutions for Multi-Agent Robotic Systems: Related Work and Open Questions
The possibilities of decentralization and immutability make blockchain
probably one of the most breakthrough and promising technological innovations
in recent years. This paper presents an overview, analysis, and classification
of possible blockchain solutions for practical tasks facing multi-agent robotic
systems. The paper discusses blockchain-based applications that demonstrate how
distributed ledger can be used to extend the existing number of research
platforms and libraries for multi-agent robotic systems.Comment: 5 pages, FRUCT-2019 conference pape
- …