175 research outputs found
Privacy-preserving auditable token payments in a permissioned blockchain system
Token management systems were the first application of blockchain technology and are still the most widely used one. Early implementations such as Bitcoin or Ethereum provide virtually no privacy beyond basic pseudonymity: all transactions are written in plain to the blockchain, which makes them perfectly linkable and traceable.
Several more recent blockchain systems, such as Monero or Zerocash, implement improved levels of privacy. Most of these systems target the permissionless setting, just like Bitcoin. Many practical scenarios, in contrast, require token systems to be permissioned, binding the tokens to user identities instead of pseudonymous addresses, and also requiring auditing functionality in order to satisfy regulation such as AML/KYC.
We present a privacy-preserving token management system that is designed for permissioned blockchain systems and supports fine-grained auditing. The scheme is secure under computational assumptions in bilinear groups, in the random-oracle model
Droplet: Decentralized Authorization for IoT Data Streams
This paper presents Droplet, a decentralized data access control service,
which operates without intermediate trust entities. Droplet enables data owners
to securely and selectively share their encrypted data while guaranteeing data
confidentiality against unauthorized parties. Droplet's contribution lies in
coupling two key ideas: (i) a new cryptographically-enforced access control
scheme for encrypted data streams that enables users to define fine-grained
stream-specific access policies, and (ii) a decentralized authorization service
that handles user-defined access policies. In this paper, we present Droplet's
design, the reference implementation of Droplet, and experimental results of
three case-study apps atop of Droplet: Fitbit activity tracker, Ava health
tracker, and ECOviz smart meter dashboard
Integration of Blockchain and Auction Models: A Survey, Some Applications, and Challenges
In recent years, blockchain has gained widespread attention as an emerging
technology for decentralization, transparency, and immutability in advancing
online activities over public networks. As an essential market process,
auctions have been well studied and applied in many business fields due to
their efficiency and contributions to fair trade. Complementary features
between blockchain and auction models trigger a great potential for research
and innovation. On the one hand, the decentralized nature of blockchain can
provide a trustworthy, secure, and cost-effective mechanism to manage the
auction process; on the other hand, auction models can be utilized to design
incentive and consensus protocols in blockchain architectures. These
opportunities have attracted enormous research and innovation activities in
both academia and industry; however, there is a lack of an in-depth review of
existing solutions and achievements. In this paper, we conduct a comprehensive
state-of-the-art survey of these two research topics. We review the existing
solutions for integrating blockchain and auction models, with some
application-oriented taxonomies generated. Additionally, we highlight some open
research challenges and future directions towards integrated blockchain-auction
models
Scaling Distributed Ledgers and Privacy-Preserving Applications
This thesis proposes techniques aiming to make blockchain technologies and smart contract platforms practical by improving their scalability, latency, and privacy. This thesis starts by presenting the design and implementation of Chainspace, a distributed ledger that supports user defined smart contracts and execute user-supplied transactions on their objects. The correct execution of smart contract transactions is publicly verifiable. Chainspace is scalable by sharding state; it is secure against subsets of nodes trying to compromise its integrity or availability properties through Byzantine Fault Tolerance (BFT). This thesis also introduces a family of replay attacks against sharded distributed ledgers targeting cross-shard consensus protocols; they allow an attacker, with network access only, to double-spend resources with minimal efforts. We then build Byzcuit, a new cross-shard consensus protocol that is immune to those attacks and that is tailored to run at the heart of Chainspace. Next, we propose FastPay, a high-integrity settlement system for pre-funded payments that can be used as a financial side-infrastructure for Chainspace to support low-latency retail payments. This settlement system is based on Byzantine Consistent Broadcast as its core primitive, foregoing the expenses of full atomic commit channels (consensus). The resulting system has extremely low-latency for both confirmation and payment finality. Finally, this thesis proposes Coconut, a selective disclosure credential scheme supporting distributed threshold issuance, public and private attributes, re-randomization, and multiple unlinkable selective attribute revelations. It ensures authenticity and availability even when a subset of credential issuing authorities are malicious or offline, and natively integrates with Chainspace to enable a number of scalable privacy-preserving applications
Chainspace: A Sharded Smart Contracts Platform
Chainspace is a decentralized infrastructure, known as a distributed ledger,
that supports user defined smart contracts and executes user-supplied
transactions on their objects. The correct execution of smart contract
transactions is verifiable by all. The system is scalable, by sharding state
and the execution of transactions, and using S-BAC, a distributed commit
protocol, to guarantee consistency. Chainspace is secure against subsets of
nodes trying to compromise its integrity or availability properties through
Byzantine Fault Tolerance (BFT), and extremely high-auditability,
non-repudiation and `blockchain' techniques. Even when BFT fails, auditing
mechanisms are in place to trace malicious participants. We present the design,
rationale, and details of Chainspace; we argue through evaluating an
implementation of the system about its scaling and other features; we
illustrate a number of privacy-friendly smart contracts for smart metering,
polling and banking and measure their performance
- …