28,214 research outputs found
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
Chainspace: A Sharded Smart Contracts Platform
Chainspace is a decentralized infrastructure, known as a distributed ledger,
that supports user defined smart contracts and executes user-supplied
transactions on their objects. The correct execution of smart contract
transactions is verifiable by all. The system is scalable, by sharding state
and the execution of transactions, and using S-BAC, a distributed commit
protocol, to guarantee consistency. Chainspace is secure against subsets of
nodes trying to compromise its integrity or availability properties through
Byzantine Fault Tolerance (BFT), and extremely high-auditability,
non-repudiation and `blockchain' techniques. Even when BFT fails, auditing
mechanisms are in place to trace malicious participants. We present the design,
rationale, and details of Chainspace; we argue through evaluating an
implementation of the system about its scaling and other features; we
illustrate a number of privacy-friendly smart contracts for smart metering,
polling and banking and measure their performance
Improving the Performance and Endurance of Persistent Memory with Loose-Ordering Consistency
Persistent memory provides high-performance data persistence at main memory.
Memory writes need to be performed in strict order to satisfy storage
consistency requirements and enable correct recovery from system crashes.
Unfortunately, adhering to such a strict order significantly degrades system
performance and persistent memory endurance. This paper introduces a new
mechanism, Loose-Ordering Consistency (LOC), that satisfies the ordering
requirements at significantly lower performance and endurance loss. LOC
consists of two key techniques. First, Eager Commit eliminates the need to
perform a persistent commit record write within a transaction. We do so by
ensuring that we can determine the status of all committed transactions during
recovery by storing necessary metadata information statically with blocks of
data written to memory. Second, Speculative Persistence relaxes the write
ordering between transactions by allowing writes to be speculatively written to
persistent memory. A speculative write is made visible to software only after
its associated transaction commits. To enable this, our mechanism supports the
tracking of committed transaction ID and multi-versioning in the CPU cache. Our
evaluations show that LOC reduces the average performance overhead of memory
persistence from 66.9% to 34.9% and the memory write traffic overhead from
17.1% to 3.4% on a variety of workloads.Comment: This paper has been accepted by IEEE Transactions on Parallel and
Distributed System
Reexamination of Quantum Bit Commitment: the Possible and the Impossible
Bit commitment protocols whose security is based on the laws of quantum
mechanics alone are generally held to be impossible. In this paper we give a
strengthened and explicit proof of this result. We extend its scope to a much
larger variety of protocols, which may have an arbitrary number of rounds, in
which both classical and quantum information is exchanged, and which may
include aborts and resets. Moreover, we do not consider the receiver to be
bound to a fixed "honest" strategy, so that "anonymous state protocols", which
were recently suggested as a possible way to beat the known no-go results are
also covered. We show that any concealing protocol allows the sender to find a
cheating strategy, which is universal in the sense that it works against any
strategy of the receiver. Moreover, if the concealing property holds only
approximately, the cheat goes undetected with a high probability, which we
explicitly estimate. The proof uses an explicit formalization of general two
party protocols, which is applicable to more general situations, and a new
estimate about the continuity of the Stinespring dilation of a general quantum
channel. The result also provides a natural characterization of protocols that
fall outside the standard setting of unlimited available technology, and thus
may allow secure bit commitment. We present a new such protocol whose security,
perhaps surprisingly, relies on decoherence in the receiver's lab.Comment: v1: 26 pages, 4 eps figures. v2: 31 pages, 5 eps figures; replaced
with published version; title changed to comply with puzzling Phys. Rev.
regulations; impossibility proof extended to protocols with infinitely many
rounds or a continuous communication tree; security proof of decoherence
monster protocol expanded; presentation clarifie
Modeling Bitcoin Contracts by Timed Automata
Bitcoin is a peer-to-peer cryptographic currency system. Since its
introduction in 2008, Bitcoin has gained noticeable popularity, mostly due to
its following properties: (1) the transaction fees are very low, and (2) it is
not controlled by any central authority, which in particular means that nobody
can "print" the money to generate inflation. Moreover, the transaction syntax
allows to create the so-called contracts, where a number of
mutually-distrusting parties engage in a protocol to jointly perform some
financial task, and the fairness of this process is guaranteed by the
properties of Bitcoin. Although the Bitcoin contracts have several potential
applications in the digital economy, so far they have not been widely used in
real life. This is partly due to the fact that they are cumbersome to create
and analyze, and hence risky to use.
In this paper we propose to remedy this problem by using the methods
originally developed for the computer-aided analysis for hardware and software
systems, in particular those based on the timed automata. More concretely, we
propose a framework for modeling the Bitcoin contracts using the timed automata
in the UPPAAL model checker. Our method is general and can be used to model
several contracts. As a proof-of-concept we use this framework to model some of
the Bitcoin contracts from our recent previous work. We then automatically
verify their security in UPPAAL, finding (and correcting) some subtle errors
that were difficult to spot by the manual analysis. We hope that our work can
draw the attention of the researchers working on formal modeling to the problem
of the Bitcoin contract verification, and spark off more research on this
topic
Representing Conversations for Scalable Overhearing
Open distributed multi-agent systems are gaining interest in the academic
community and in industry. In such open settings, agents are often coordinated
using standardized agent conversation protocols. The representation of such
protocols (for analysis, validation, monitoring, etc) is an important aspect of
multi-agent applications. Recently, Petri nets have been shown to be an
interesting approach to such representation, and radically different approaches
using Petri nets have been proposed. However, their relative strengths and
weaknesses have not been examined. Moreover, their scalability and suitability
for different tasks have not been addressed. This paper addresses both these
challenges. First, we analyze existing Petri net representations in terms of
their scalability and appropriateness for overhearing, an important task in
monitoring open multi-agent systems. Then, building on the insights gained, we
introduce a novel representation using Colored Petri nets that explicitly
represent legal joint conversation states and messages. This representation
approach offers significant improvements in scalability and is particularly
suitable for overhearing. Furthermore, we show that this new representation
offers a comprehensive coverage of all conversation features of FIPA
conversation standards. We also present a procedure for transforming AUML
conversation protocol diagrams (a standard human-readable representation), to
our Colored Petri net representation
- …