4 research outputs found

    Raziel: Private and Verifiable Smart Contracts on Blockchains

    Raziel combines secure multi-party computation and proof-carrying code to provide privacy, correctness and verifiability guarantees for smart contracts on blockchains. Effectively solving DAO and Gyges attacks, this paper describes an implementation and presents examples to demonstrate its practical viability (e.g., private and verifiable crowdfundings and investment funds). Additionally, we show how to use Zero-Knowledge Proofs of Proofs (i.e., Proof-Carrying Code certificates) to prove the validity of smart contracts to third parties before their execution without revealing anything else. Finally, we show how miners could get rewarded for generating pre-processing data for secure multi-party computation. Comment: Support: cothority/ByzCoin/OmniLedge

    Tracking Information Flow by Mapping Broadcast Encryption Subgroups to Security Lattices

    In this paper we consider scenarios in which a server broadcasts messages with different confidentiality levels to subgroups of nodes holding the appropriate clearance. We build on IND-CPA broadcast encryption schemes to preserve the message's confidentiality over a network. Our proposal is that, to verify that information in the server flows to nodes with the appropriate clearances (e.g. verify the use of the correct encryption keys), we can map broadcast subgroups of nodes to levels in information flow security lattices. We implement this idea via a type system and provide a soundness proof with respect to a formally defined secure information flow property for server code.

    Type-Based Analysis of Generic Key Management APIs

    In the past few years, cryptographic key management APIs have been shown to be subject to tricky attacks based on the improper use of cryptographic keys. In fact, real APIs provide mechanisms to declare the intended use of keys, but they are not strong enough to provide key security. In this paper, we propose a simple imperative programming language for specifying strongly-typed APIs for the management of symmetric, asymmetric and signing keys. The language requires that type information is stored together with the key, but it is independent of the actual low-level implementation. We develop a type-based analysis to prove the preservation of integrity and confidentiality of sensitive keys, and we show that our abstraction is expressive enough to code realistic key management APIs.