On Non-Parallelizable Deterministic Client Puzzle Scheme with Batch Verification Modes

A (computational) client puzzle scheme enables a client to prove to a server that a certain amount of computing resources (CPU cycles and/or Memory look-ups) has been dedicated to solve a puzzle. Researchers have identified a number of potential applications, such as constructing timed cryptography, fighting junk emails, and protecting critical infrastructure from DoS attacks. In this paper, we first revisit this concept and formally define two properties, namely deterministic computation and parallel computation resistance. Our analysis show that both properties are crucial for the effectiveness of client puzzle schemes in most application scenarios. We prove that the RSW client puzzle scheme, which is based on the repeated squaring technique, achieves both properties. Secondly, we introduce two batch verification modes for the RSW client puzzle scheme in order to improve the verification efficiency of the server, and investigate three methods for handling errors in batch verifications. Lastly, we show that client puzzle schemes can be integrated with reputation systems to further improve the effectiveness in practice

LightChain: A DHT-based Blockchain for Resource Constrained Environments

As an append-only distributed database, blockchain is utilized in a vast variety of applications including the cryptocurrency and Internet-of-Things (IoT). The existing blockchain solutions have downsides in communication and storage efficiency, convergence to centralization, and consistency problems. In this paper, we propose LightChain, which is the first blockchain architecture that operates over a Distributed Hash Table (DHT) of participating peers. LightChain is a permissionless blockchain that provides addressable blocks and transactions within the network, which makes them efficiently accessible by all the peers. Each block and transaction is replicated within the DHT of peers and is retrieved in an on-demand manner. Hence, peers in LightChain are not required to retrieve or keep the entire blockchain. LightChain is fair as all of the participating peers have a uniform chance of being involved in the consensus regardless of their influence such as hashing power or stake. LightChain provides a deterministic fork-resolving strategy as well as a blacklisting mechanism, and it is secure against colluding adversarial peers attacking the availability and integrity of the system. We provide mathematical analysis and experimental results on scenarios involving 10K nodes to demonstrate the security and fairness of LightChain. As we experimentally show in this paper, compared to the mainstream blockchains like Bitcoin and Ethereum, LightChain requires around 66 times less per node storage, and is around 380 times faster on bootstrapping a new node to the system, while each LightChain node is rewarded equally likely for participating in the protocol

Foundations, Properties, and Security Applications of Puzzles: A Survey

Cryptographic algorithms have been used not only to create robust ciphertexts but also to generate cryptograms that, contrary to the classic goal of cryptography, are meant to be broken. These cryptograms, generally called puzzles, require the use of a certain amount of resources to be solved, hence introducing a cost that is often regarded as a time delay---though it could involve other metrics as well, such as bandwidth. These powerful features have made puzzles the core of many security protocols, acquiring increasing importance in the IT security landscape. The concept of a puzzle has subsequently been extended to other types of schemes that do not use cryptographic functions, such as CAPTCHAs, which are used to discriminate humans from machines. Overall, puzzles have experienced a renewed interest with the advent of Bitcoin, which uses a CPU-intensive puzzle as proof of work. In this paper, we provide a comprehensive study of the most important puzzle construction schemes available in the literature, categorizing them according to several attributes, such as resource type, verification type, and applications. We have redefined the term puzzle by collecting and integrating the scattered notions used in different works, to cover all the existing applications. Moreover, we provide an overview of the possible applications, identifying key requirements and different design approaches. Finally, we highlight the features and limitations of each approach, providing a useful guide for the future development of new puzzle schemes.Comment: This article has been accepted for publication in ACM Computing Survey

Blockchain Tree for eHealth

The design of access control mechanisms for healthcare systems is challenging: it must strike the right balance between permissions and restrictions. In this work, we propose a novel approach that is based on the Blockchain technology for storage patient medical data and create an audit logging system able to protect health data from unauthorized modification and access. The proposed method consists of a tree structure: a main chain linked with the patient's identity and one or several Subchains which are used for storing additional critical data (e.g., medical diagnoses or access logs)

Smart Contract Execution - the (+-)-Biased Ballot Problem

Transaction system build on top of blockchain, especially smart contract, is becoming an important part of world economy. However, there is a lack of formal study on the behavior of users in these systems, which leaves the correctness and security of such system without a solid foundation. Unlike mining, in which the reward for mining a block is fixed, different execution results of a smart contract may lead to significantly different payoffs of users, which gives more incentives for some user to follow a branch that contains a wrong result, even if the branch is shorter. It is thus important to understand the exact probability that a branch is being selected by the system. We formulate this problem as the (+-)-Biased Ballot Problem as follows: there are n voters one by one voting for either of the two candidates A and B. The probability of a user voting for A or B depends on whether the difference between the current votes of A and B is positive or negative. Our model takes into account the behavior of three different kinds of users when a branch occurs in the system -- users having preference over a certain branch based on the history of their transactions, and users being indifferent and simply follow the longest chain. We study two important probabilities that are closely related with a blockchain based system - the probability that A wins at last, and the probability that A receives d votes first. We show how to recursively calculate the two probabilities for any fixed n and d, and also discuss their asymptotic values when n and d are sufficiently large

When Proof of Work Works

Proof of work (POW) is a set of cryptographic mechanisms which increase the cost of initiating a connection. Currently recipients bear as much or more cost per connection as initiators. The design goal of POW is to reverse the economics of connection initiation on the Internet. In the case of spam, the first economic examination of POW argued that POW would not, in fact, work. This result was based on the difference in production cost between legitimate and criminal enterprises. We illustrate that the difference in production costs enabled by zombies does not remove the efficacy of POW when work requirements are weighted. We illustrate that POW will work with a reputation system modeled on the systems currently used by commercial anti-spam companies. We also discuss how the variation on POW changes the nature of corresponding proofs from token currency to a notational currency

Bootstrapping Trust in Online Dating: Social Verification of Online Dating Profiles

Online dating is an increasingly thriving business which boasts billion-dollar revenues and attracts users in the tens of millions. Notwithstanding its popularity, online dating is not impervious to worrisome trust and privacy concerns raised by the disclosure of potentially sensitive data as well as the exposure to self-reported (and thus potentially misrepresented) information. Nonetheless, little research has, thus far, focused on how to enhance privacy and trustworthiness. In this paper, we report on a series of semi-structured interviews involving 20 participants, and show that users are significantly concerned with the veracity of online dating profiles. To address some of these concerns, we present the user-centered design of an interface, called Certifeye, which aims to bootstrap trust in online dating profiles using existing social network data. Certifeye verifies that the information users report on their online dating profile (e.g., age, relationship status, and/or photos) matches that displayed on their own Facebook profile. Finally, we present the results of a 161-user Mechanical Turk study assessing whether our veracity-enhancing interface successfully reduced concerns in online dating users and find a statistically significant trust increase.Comment: In Proceedings of Financial Cryptography and Data Security (FC) Workshop on Usable Security (USEC), 201

An efficient confidentiality-preserving Proof of Ownership for deduplication

Data storage in the cloud is becoming widespread. Deduplication is a key mechanism to decrease the operating costs cloud providers face, due to the reduction of replicated data storage. Nonetheless, deduplication must deal with several security threats such as honest-but-curious servers or malicious users who may try to take ownership of files they are not entitled to. Unfortunately, state-of-the-art solutions present weaknesses such as not coping with honest-but-curious servers, deployment problems, or lacking a sound security analysis. In this paper we present a novel Proof of Ownership scheme that uses convergent encryption and requires neither trusted third parties nor complex key management. The experimental evaluation highlights the efficiency and feasibility of our proposal that is proven to be secure under the random oracle model in the bounded leakage setting. (C) 2015 Elsevier Ltd. All rights reserved

Protecting Controllers against Denial-of-Service Attacks in Software-Defined Networks

Connection setup in software-defined networks (SDN) requires considerable amounts of processing, communication, and memory resources. Attackers can target SDN controllers defense mechanism based on a proof-of-work protocol. This thesis proposes a new protocol to protect controllers against such attacks, shows implementation of the system and analyze the its performance. The key characteristics of this protocol, namely its one-way operation, its requirement for freshness in proofs of work, its adjustable difficulty, its ability to work withmultiple network providers, and its use of existing TCP/IP header fields, ensure that this approach can be used in practice