Janus: Toward Preventing Counterfeits in Supply Chains Utilizing a Multi-Quorum Blockchain

The modern pharmaceutical supply chain lacks transparency and traceability, resulting in alarming rates of counterfeit products entering the market. These illegitimate products cause harm to end users and wreak havoc on the supply chain itself, costing billions of dollars in profit loss. In this paper, in response to the Drug Supply Chain Security Act (DSCSA), we introduce Janus, a novel pharmaceutical track-and-trace system that utilizes blockchain and cloning-resistant hologram tags to prevent counterfeits from entering the pharmaceutical supply chain. We design a multi-quorum consensus protocol that achieves load balancing across the network. We perform a security analysis to show robustness against various threats and attacks. The implementation of Janus proves that the system is fair, scalable, and resilient

Fusion: Privacy-preserving distributed protocol for high-dimensional data mashup

© 2015 IEEE. In the last decade, several approaches concerning private data release for data mining have been proposed. Data mashup, on the other hand, has recently emerged as a mechanism for integrating data from several data providers. Fusing both techniques to generate mashup data in a distributed environment while providing privacy and utility guarantees on the output involves several challenges. That is, how to ensure that no unnecessary information is leaked to the other parties during the mashup process, how to ensure the mashup data is protected against certain privacy threats, and how to handle the high-dimensional nature of the mashup data while guaranteeing high data utility. In this paper, we present Fusion, a privacy-preserving multi-party protocol for data mashup with guaranteed LKC-privacy for the purpose of data mining. Experiments on real-life data demonstrate that the anonymous mashup data provide better data utility, the approach can handle high dimensional data, and it is scalable with respect to the data size

BroncoVote: Secure Voting System Using Ethereum’s Blockchain

Voting is a fundamental part of democratic systems; it gives individuals in a community the faculty to voice their opinion. In recent years, voter turnout has diminished while concerns regarding integrity, security, and accessibility of current voting systems have escalated. E-voting was introduced to address those concerns; however, it is not cost-effective and still requires full supervision by a central authority. The blockchain is an emerging, decentralized, and distributed technology that promises to enhance different aspects of many industries. Expanding e-voting into blockchain technology could be the solution to alleviate the present concerns in e-voting. In this paper, we propose a blockchain-based voting system, named BroncoVote, that preserves voter privacy and increases accessibility, while keeping the voting system transparent, secure, and cost-effective. BroncoVote implements a university-scaled voting framework that utilizes Ethereum’s blockchain and smart contracts to achieve voter administration and auditable voting records. In addition, BroncoVote utilizes a few cryptographic techniques, including homomorphic encryption, to promote voter privacy. Our implementation was deployed on Ethereum’s Testnet to demonstrate usability, scalability, and efficiency

SafePath: Differentially-private publishing of passenger trajectories in transportation systems

© 2018 Elsevier B.V. In recent years, the collection of spatio-temporal data that captures human movements has increased tremendously due to the advancements in hardware and software systems capable of collecting person-specific data. The bulk of the data collected by these systems has numerous applications, or it can simply be used for general data analysis. Therefore, publishing such big data is greatly beneficial for data recipients. However, in its raw form, the collected data contains sensitive information pertaining to the individuals from which it was collected and must be anonymized before publication. In this paper, we study the problem of privacy-preserving passenger trajectories publishing and propose a solution under the rigorous differential privacy model. Unlike sequential data, which describes sequentiality between data items, handling spatio-temporal data is a challenging task due to the fact that introducing a temporal dimension results in extreme sparseness. Our proposed solution introduces an efficient algorithm, called SafePath, that models trajectories as a noisy prefix tree and publishes ϵ-differentially-private trajectories while minimizing the impact on data utility. Experimental evaluation on real-life transit data in Montreal suggests that SafePath significantly improves efficiency and scalability with respect to large and sparse datasets, while achieving comparable results to existing solutions in terms of the utility of the sanitized data

A Certificateless One-Way Group Key Agreement Protocol for End-to-End Email Encryption

Over the years, email has evolved into one of the most widely used communication channels for both individuals and organizations. However, despite near ubiquitous use in much of the world, current information technology standards do not place emphasis on email security. Not until recently, webmail services such as Yahoo\u27s mail and Google\u27s gmail started to encrypt emails for privacy protection. However, the encrypted emails will be decrypted and stored in the service provider\u27s servers. If the servers are malicious or compromised, all the stored emails can be read, copied and altered. Thus, there is a strong need for end-to-end (E2E) email encryption to protect email user\u27s privacy. In this paper, we present a certificateless one-way group key agreement protocol with the following features, which are suitable to implement E2E email encryption: (1) certificateless and thus there is no key escrow problem and no public key certificate infrastructure is required; (2) one-way group key agreement and thus no back-and-forth message exchange is required; and (3) n-party group key agreement (not just 2- or 3-party). This paper also provides a security proof for the proposed protocol using proof by simulation . Finally, efficiency analysis of the protocol is presented at the end of the paper

Provisions: Privacy-preserving proofs of solvency for Bitcoin exchanges

Bitcoin exchanges function like banks, securely holding their customers\u27 bitcoins on their behalf. Several exchanges have suffered catastrophic losses with customers permanently losing their savings. A proof of solvency demonstrates that the exchange controls sufficient reserves to settle each customer\u27s account. We introduce Provisions, a privacy-preserving proof of solvency whereby an exchange does not have to disclose its Bitcoin addresses; total holdings or liabilities; or any information about its customers. We also propose an extension which prevents exchanges from colluding to cover for each other\u27s losses. We have implemented Provisions and show that it offers practical computation times and proof sizes even for a large Bitcoin exchange with millions of customers

Variance: Secure Two-Party Protocol for Efficient Asset Comparison in Bitcoin

Secure multiparty protocols are useful tools for parties wishing to jointly compute a function while keeping their input data secret. The millionaires\u27 problem is the first secure two-party computation problem, where the goal is to securely compare two private numbers without a trusted third-party. There have been several solutions to the problem; however, these solutions are either insecure in the malicious model or cannot verify the validity of inputs. In this paper, we introduce Variance, a privacy-preserving two-party protocol for solving Yao\u27s millionaires\u27 problem in a Bitcoin setting, in which each party controls several Bitcoin accounts (single and multi signature addresses) and they want to find out who owns more bitcoins without revealing (1) how many accounts they own or the addresses associated with their accounts, (2) the balance of any of their accounts, and (3) their total wealth of bitcoins while assuring the other party that they are not claiming more bitcoin than they possess. We utilize zero knowledge proofs to provide a solution to the problem, and subsequently prove that Variance is secure against active adversaries in the malicious model

ACCORD: A Scalable Multileader Consensus Protocol for Healthcare Blockchain

Blockchain is an emerging distributed and decentralized technology that promises to revolutionize the healthcare sector by securely storing and maintaining incorruptible electronic health record data. Consensus protocols are at the core of blockchain technology. They establish security and integrity in the system by ensuring that the majority of miners are in agreement on all transactions and blocks added to the distributed ledger. While many consensus protocols have been proposed, most of them require heavy computation and are not scalable. In this work, we propose a novel permissioned consensus protocol, named ACCORD, a multi-leader (quorum-based) protocol that achieves fork-resistance, robustness, and scalability. To achieve this, ACCORD consists of three distinct components: 1) an asynchronous quorum selection procedure to designate the creators of future blocks; 2) a block creation protocol run by the quorum to prevent omissions in the presence of honest quorum members; and 3) a decentralized arbitration protocol to ensure consensus by voting. Additionally, we implemented the protocol and conducted experiments to demonstrate scalability, robustness, and fairness

PRISM: A Blockchain-Enabled Reputation-Based Consensus for Enhancing Scientific Workflow Provenance

Recent surveys and reports have shed a spotlight on the disconcerting prevalence of scientific fraud, prompting the call for robust systems to uphold integrity in scientific research. In this paper, we introduce PRISM, a novel blockchain-based solution designed to address the challenges of storing provenance records for scientific workflows on a decentralized ledger. PRISM aims to enhance the reputability of scientific findings by providing a flexible and dynamic framework that accommodates the evolving nature of scientific research. We introduce a reputation-based quorum consensus protocol (POER) that involves two pivotal actors: miners and quorum members. Reputation is a central aspect of the protocol, motivating miners to provide accurate and timely results. The quorum composition dynamically adjusts after each block addition to involve the most trustworthy and effective nodes in decision-making processes. We describe the process of selecting quorum members using reputation and task sharding to efficiently divide workflow tasks among miners. Additionally, we outline the capability of PRISM to support workflow modifications, allowing researchers to adapt workflows during experiments while maintaining complete transparency and immutability. Our experimental evaluation highlights the fairness and scalability of PRISM

Janus: Toward preventing counterfeits in supply chains utilizing a multi-quorum blockchain

The modern pharmaceutical supply chain lacks transparency and traceability, resulting in alarming rates of counterfeit products entering the market. These illegitimate products cause harm to end users and wreak havoc on the supply chain itself, costing billions of dollars in profit loss. In this paper, in response to the Drug Supply Chain Security Act (DSCSA), we introduce Janus, a novel pharmaceutical track-and-trace system that utilizes blockchain and cloning-resistant hologram tags to prevent counterfeits from entering the pharmaceutical supply chain. We design a multi-quorum consensus protocol that achieves load balancing across the network. We perform a security analysis to show robustness against various threats and attacks. The implementation of Janus proves that the system is fair, scalable, and resilient