40 research outputs found
Condorcet Attack Against Fair Transaction Ordering
We introduce the Condorcet attack, a new threat to fair transaction ordering.
Specifically, the attack undermines batch-order-fairness, the strongest notion
of transaction fair ordering proposed to date. The batch-order-fairness
guarantees that a transaction tx is ordered before tx' if a majority of nodes
in the system receive tx before tx'; the only exception (due to an
impossibility result) is when tx and tx' fall into a so-called "Condorcet
cycle". When this happens, tx and tx' along with other transactions within the
cycle are placed in a batch, and any unfairness inside a batch is ignored. In
the Condorcet attack, an adversary attempts to undermine the system's fairness
by imposing Condorcet cycles to the system. In this work, we show that the
adversary can indeed impose a Condorcet cycle by submitting as few as two
otherwise legitimate transactions to the system. Remarkably, the adversary
(e.g., a malicious client) can achieve this even when all the nodes in the
system behave honestly. A notable feature of the attack is that it is capable
of "trapping" transactions that do not naturally fall inside a cycle, i.e.
those that are transmitted at significantly different times (with respect to
the network latency). To mitigate the attack, we propose three methods based on
three different complementary approaches. We show the effectiveness of the
proposed mitigation methods through simulations, and explain their limitations
On the Semantic Security of Secret Image Sharing Methods
In this paper, a cryptanalysis is performed of the previous secret image sharing methods and an improvement is proposedIn this work, we analyze some of the existing secret image sharing methods and show that they do not possess
indistinguishability, a property of many secure systems. We propose a new method based on the threshold secret sharing scheme for images in the compressed and uncompressed domains. Our method generates minimal share sizes with similar computational cost to previous methods,
yet it is computationally secure and satisfies the indistinguishability property