45 research outputs found
Utilizing Public Blockchains for the Sybil-Resistant Bootstrapping of Distributed Anonymity Services
Distributed anonymity services, such as onion routing networks or
cryptocurrency tumblers, promise privacy protection without trusted third
parties. While the security of these services is often well-researched,
security implications of their required bootstrapping processes are usually
neglected: Users either jointly conduct the anonymization themselves, or they
need to rely on a set of non-colluding privacy peers. However, the typically
small number of privacy peers enable single adversaries to mimic distributed
services. We thus present AnonBoot, a Sybil-resistant medium to securely
bootstrap distributed anonymity services via public blockchains. AnonBoot
enforces that peers periodically create a small proof of work to refresh their
eligibility for providing secure anonymity services. A pseudo-random, locally
replicable bootstrapping process using on-chain entropy then prevents biasing
the election of eligible peers. Our evaluation using Bitcoin as AnonBoot's
underlying blockchain shows its feasibility to maintain a trustworthy
repository of 1000 peers with only a small storage footprint while supporting
arbitrarily large user bases on top of most blockchains.Comment: To be published in the proceedings of the 15th ACM ASIA Conference on
Computer and Communications Security (ACM ASIACCS'20
Decentralizing indexing and bootstrapping for online applications
https://doi.org/10.1049/blc2.12001Abstract Peer-to-peer (P2P) networks utilize centralized entities (trackers) to assist peers in finding and exchanging information. Although modern P2P protocols are now trackerless and their function relies on distributed hash tables (DHTs), centralized entities are still needed to build file indices (indexing) and assist users in joining DHT swarms (bootstrapping). Although the functionality of these centralized entities are limited, every peer in the network is expected to trust them to function as expected (e.g. to correctly index new files). In this work, a new approach for designing and building decentralized online applications is proposed by introducing DIBDApp. The approach combines blockchain, smart contracts and BitTorrent for building up a combined technology that permits to create decentralized applications that do not require any assistance from centralized entities. DIBDApp is a software library composed of Ethereum smart contracts and an API to the BitTorrent protocol that fully decentralizes indexing, bootstrapping and file storing. DIBDApp enables any peer to seamlessly connect to the designed smart contracts via the Web3J protocol. Extensive experimentation on the Rinkeby Ethereum testnet shows that applications built using the DIBDApp library can perform the same operations as in traditional back-end architectures with a gas cost of a few USD cents.Peer reviewe