On Bitcoin Security in the Presence of Broken Crypto Primitives
Digital currencies like Bitcoin rely on cryptographic primitives to operate. However, past experience shows that cryptographic primitives do not last forever: increased computational power and advanced cryptanalysis cause primitives to break frequently, and motivate the development of new ones. It is therefore crucial for maintaining trust in a cryptocurrency to anticipate such breakage.
We present the first systematic analysis of the effect of broken primitives on Bitcoin. We identify the core cryptographic building blocks and analyze the various ways in which they can break, and the subsequent effect on the main Bitcoin security guarantees. Our analysis reveals a wide range of possible effects depending on the primitive and type of breakage, ranging from minor privacy violations to a complete breakdown of the currency.
Our results lead to several observations on, and suggestions for, the Bitcoin migration plans in case of broken cryptographic primitives.
An empirical analysis of smart contracts: platforms, applications, and design patterns
Smart contracts are computer programs that can be consistently executed by a network of mutually distrusting nodes, without the arbitration of a trusted authority. Because of their resilience to tampering, smart contracts are appealing in many scenarios, especially in those which require transfers of money to respect certain agreed rules (like in financial services and in games). Over the last few years many platforms for smart contracts have been proposed, and some of them have been actually implemented and used. We study how the notion of smart contract is interpreted in some of these platforms. Focussing on the two most widespread ones, Bitcoin and Ethereum, we quantify the usage of smart contracts in relation to their application domain. We also analyse the most common programming patterns in Ethereum, where the source code of smart contracts is available.
Comment: WTSC 201
Time-Traveling Simulators Using Blockchains and Their Applications
Blockchain technology has the potential of transforming cryptography. We study the problem of round-complexity of zero-knowledge, and more broadly, of secure computation in the blockchain-hybrid model, where all parties can access the blockchain as an oracle.
We study zero-knowledge and secure computation through the lens of a new security notion where the simulator is given the ability to "time-travel" or, more accurately, to look into the future states of the blockchain and use this information to perform simulation. Such a time-traveling simulator gives a novel security guarantee of the following form: whatever the adversary could have learnt from an interaction, it could have computed on its own shortly into the future (e.g., a few hours from now).
We exhibit the power of time-traveling simulators by constructing round-efficient protocols in the blockchain-hybrid model. In particular, we construct:
1. Three-round zero-knowledge (ZK) argument for NP with a polynomial-time black-box time-traveling simulator.
2. Three-round secure two-party computation (2PC) for any functionality with a polynomial-time black-box time-traveling simulator for both parties.
In addition to standard cryptographic assumptions, we rely on natural hardness assumptions for Proof-of-Work based blockchains. In comparison, in the plain model, three-round protocols with black-box simulation are impossible, and constructions with non-black-box simulation for ZK require novel cryptographic assumptions, while no construction for three-round 2PC is known. Our three-round 2PC result relies on a new, two-round extractable commitment that admits a time-traveling extractor.
Green Bitcoin: Global Sound Money
Modern societies have adopted government-issued fiat currencies, many of which exist today mainly in the form of digits in credit and bank accounts. Fiat currencies are controlled by central banks for economic stimulation and stabilization. Boom-and-bust cycles are created, and the volatility of the cycle has become increasingly extreme. Social inequality due to the concentration of wealth is prevalent worldwide. As such, restoring sound money, which provides stored value over time, has become a pressing issue. Currently, cryptocurrencies such as Bitcoin are in their infancy and may someday qualify as sound money. Bitcoin today is considered a digital asset for storing value. But Bitcoin has problems. The first issue of the current Bitcoin network is its high-energy-consumption consensus mechanism. The second is its cryptographic primitives, which are unsafe against post-quantum (PQ) attacks. We aim to propose Green Bitcoin, which addresses both issues. To save energy in the consensus mechanism, we introduce a post-quantum secure (self-election) verifiable coin-toss function and novel PQ-secure proof-of-computation primitives. It is expected to reduce the rate of energy consumption by more than 90 percent of the current Bitcoin network. The elliptic curve cryptography will be replaced with PQ-safe versions. The Green Bitcoin protocol will help Bitcoin evolve into a post-quantum secure network.
Comment: 16 page
Tests for Establishing Security Properties
Ensuring strong security properties in some cases requires participants to carry out tests during the execution of a protocol. A classical example is electronic voting: participants are required to verify the presence of their ballots on a bulletin board, and to verify the computation of the election outcome. The notion of certificate transparency is another example, in which participants in the protocol are required to perform tests to verify the integrity of a certificate log.
We present a framework for modelling systems with such "testable properties", using the applied pi calculus. We model the tests that are made by participants in order to obtain the security properties. Underlying our work is an attacker model called "malicious but cautious", which lies in between the Dolev-Yao model and the "honest but curious" model. The malicious-but-cautious model is appropriate for cloud computing providers that are potentially malicious but are assumed to be cautious about launching attacks that might cause user tests to fail.