Credit Network Payment Systems: Security, Privacy and Decentralization

A credit network models transitive trust between users and enables transactions between arbitrary pairs of users. With their flexible design and robustness against intrusions, credit networks form the basis of Sybil-tolerant social networks, spam-resistant communication protocols, and payment settlement systems. For instance, the Ripple credit network is used today by various banks worldwide as their backbone for cross-currency transactions. Open credit networks, however, expose users’ credit links as well as the transaction volumes to the public. This raises a significant privacy concern, which has largely been ignored by the research on credit networks so far. In this state of affairs, this dissertation makes the following contributions. First, we perform a thorough study of the Ripple network that analyzes and characterizes its security and privacy issues. Second, we define a formal model for the security and privacy notions of interest in a credit network. This model lays the foundations for secure and privacy-preserving credit networks. Third, we build PathShuffle, the first protocol for atomic and anonymous transactions in credit networks that is fully compatible with the currently deployed Ripple and Stellar credit networks. Finally, we build SilentWhispers, the first provably secure and privacy-preserving transaction protocol for decentralized credit networks. SilentWhispers can be used to simulate Ripple transactions while preserving the expected security and privacy guarantees

Exploring Confidentiality Issues in Hyperledger Fabric Business Applications

The rise of Bitcoin and cryptocurrencies over the last decade have made its underlying technology (blockchain) come into the spotlight. Blockchain is a secure ledger of linked records called blocks. These records are cryptographically immutable and any tampering with the block is evident through a change in the cryptographic signature of the block. Among the blockchains deployed in practice today, Hyperledger Fabric is a platform that allows businesses to make use of blockchains in their applications. However, confidentiality issues arise with respects to the blocks in this blockchain network due to the fact that blocks might contain sensitive information accessible to all peers with a copy of the blockchain. In this work, we aim to address the confidentiality issue present in current Hyperledger Fabric. Our current approach consists of leveraging cryptographic techniques to ensure the confidentiality of the shared data in the blockchain along with crafted access control policies so that only authorized peers can access the otherwise concealed data. This becomes a crucial requirement especially with business models that require their transaction information to be concealed. Recent results show that the use encryption along with interesting access control policies allow obfuscation of data for desired outside entities, although more work is required

Análisis, diseño y optimización de una red local con intervlans troncalizadas y seguridad de acceso mediante la aplicación de acls

En esta tesis diseñamos una red local con 3 VLANS, las cuales se comunican entre ellas de manera troncalizada, para este propósito empleamos un router que permite la comunicación entre ellas. Sobre nuestro diseño implementamos los 4 principales protocolos de enrutamiento que existen en la actualidad que son: RIP V1, RIP V2, IGRP, y, EIGRP, siendo estos dos últimos protocolos propietarios de la marca CISCO. Realizamos pruebas de conectividad entre los distintos dispositivos que conformaron nuestra red, aplicando cada uno de los protocolos de enrutamiento detallados en este resumen, escogimos el mejor en base a la escalabilidad y convergencia, sobre la configuración de los routers con el protocolo seleccionado se aplicaron ACLS a las interfases tanto físicas como virtuales de los routers, con lo cual comprobamos el correcto funcionamiento de las ACLS. También se efectuaron pruebas de redundancia aplicando Etherchannel, tecnología propietaria de CISCO, se simularon caídas de enlace, verificando de esta manera la continuidad de la conectividad de nuestra re

Descripción de las unidades fonéticas y sintaxis fonológica del repertorio vocal del tití cabeciblanco (Saguinus oedipus) silvestre

We observed a population of cotton-top tamarins (Saguinus oedipus, Primates: Callitrichidae) in the municipality of Santa Catalina, Bolívar, northern Colombia. We observed them over 100 hours, and we recorded 16 hours of vocalizations, which were subsequently digitalized at 44.1 kHz, using Protools. We analyzed 2617 sounds with Raven 1.2, with the aim of identifying the phonetic units forming the vocal repertoire of this species, according to the following acoustic parameters: Duration (ms), change frequency (Hz), peak frequency (Hz), start frequency (Hz) and harmonics. In order to describe the vocal repertoire, the phonemes were classified into 11 groups, according to their form. The acoustic parameters were analyzed using confidence intervals, and 49 different sounds were identified. By assembling the phonetic units, 14 different vocalizations wer identified. The sounds emitted by cotton-top tamarins are of short duration (X= 0.0215 s). The lowest start frequency registered is 322.7 Hz and the highest is 13 956.5 Hz. The change in frequency ranges from 113.8 to 13 652.2 Hz. The peak frequencies range from 0 to 10 077.6 Hz. On the other hand, 37.4 % of sound lacks harmonics, and the remainder 62.6 % show between 1 and 12 harmonics.Estudiamos titíes cabeciblancos (Saguinus oedipus, Primates: Callitrichidae) durante más de 100 horas en el municipio de Santa Catalina, Bolívar norte de Colombia. Grabamos 16 horas de sus vocalizaciones, las cuales digitalizamos a 44.1 kHz, utilizando Protools. Analizamos 2617 sonidos con Raven 1.2, con el fin de identificar las unidades fonéticas que conforman el repertorio vocal de esta especie, de acuerdo a los siguientes parámetros acústicos: duración (ms), delta de frecuencia (Hz), pico de frecuencias (Hz), frecuencia de inicio (Hz) y cantidad de armónicos de cada unidad fonética. Para describir el repertorio vocal, clasificamos los fonemas en 11 grupos, según su forma. Con el análisis de los intervalos de confianza  de los parámetros acústicos, identificamos 49 sonidos diferentes. Mediante el ensamblaje de las unidades fonéticas, se identificaron 14 vocalizaciones diferentes.  Los sonidos emitidos por el tití cabeciblanco fueron de corta duración (X= 0.0215 s). La frecuencia de inicio más baja registrada fue de 322.7 Hz y la más alta de 13 956.5 Hz. El delta de frecuencias osciló entre 113.8 y 13 652.2 Hz., y el pico de frecuencias de 0 a 10 077.6 Hz. El 37.4 % de los sonidos emitidos por los titíes cabeciblancos carecen de armónicos y el 62.6 % restante presentan entre uno y doce armónicos

R3C3: Cryptographically secure Censorship Resistant Rendezvous using Cryptocurrencies

Cryptocurrencies and blockchains are set to play a major role in the financial and supply-chain systems. Their presence and acceptance across different geopolitical corridors, including in repressive regimes, have been one of their striking features. In this work, we leverage this popularity for bootstrapping censorship resistant (CR) communication. We formalize the notion of stego-bootstrapping scheme and formally describe the security notions of the scheme in terms of rareness and security against chosen-covertext attacks. We present R3C3, a Cryptographically secure Censorship-Resistant Rendezvous using Cryptocurrencies. R3C3 allows a censored user to interact with a decoder entity outside the censored region, through blockchain transactions as rendezvous, to obtain bootstrapping information such as a CR proxy and its public key. Unlike the usual bootstrapping approaches (e.g., emailing) with heuristic security if any, R3C3 employs public-key steganography over blockchain transactions to ensure cryptographic security, while the blockchain transaction costs may deter the entry-point harvesting attacks. We develop bootstrapping rendezvous over Bitcoin, Zcash, Monero and Ethereum as well as the typical mining process, and analyze their effectivity in terms of cryptocurrency network volume and introduced monetary cost. With its highly cryptographic structure, Zcash is an outright winner for normal users with 1168 byte bandwidth per transaction costing only 0.03 USD as the fee, while mining pool managers have a free, extremely high bandwidth rendezvous when they mine a block

A2{^2}L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs

Payment channel hubs (PCHs) constitute a promising solution to the inherent scalability problems of blockchain technologies, allowing for off-chain payments between sender and receiver through an intermediary, called the tumbler. While state-of-the-art PCHs provide security and privacy guarantees against a malicious tumbler, they do so by relying on the scripting-based functionality available only at few cryptocurrencies, and they thus fall short of fundamental properties such as backwards compatibility and efficiency. In this work, we present the first PCH protocol to achieve all aforementioned properties. Our PCH builds upon A${^2}$L, a novel cryptographic primitive that realizes a three-party protocol for conditional transactions, where the tumbler pays the receiver only if the latter solves a cryptographic challenge with the help of the sender, which implies the sender has paid the tumbler. We prove the security and privacy guarantees of A${^2}$L (which carry over to our PCH construction) in the Universal Composability framework and present a provably secure instantiation based on adaptor signatures and randomizable puzzles. We implemented A${^2}$L and compared it to TumbleBit, the state-of-the-art Bitcoin-compatible PCH. Asymptotically, A${^2}$L has a communication complexity that is constant, as opposed to linear in the security parameter like in TumbleBit. In practice, A${^2}$L requires $\sim33$x less bandwidth than TumleBit, while retaining the computational cost (or providing $2$x speedup with a preprocessing technique). This demonstrates that A${^2}$L (and thus our PCH construction) is ready to be deployed today. In theory, we demonstrate for the first time that it is possible to design a secure and privacy-preserving PCH while requiring only digital signatures and timelock functionality from the underlying scripting language. In practice, this result makes our PCH backwards compatible with virtually all cryptocurrencies available today, even those offering a highly restricted form of scripting language such as Ripple or Stellar. The practical appealing of our construction has resulted in a proof-of-concept implementation in the COMIT Network, a blockchain technology focused on cross-currency payments

Get Me out of This Payment! Bailout: An HTLC Re-routing Protocol

The Lightning Network provides almost-instant payments to its parties. In addition to direct payments requiring a shared payment channel, parties can pay each other in the form of multi-hop payments via existing channels. Such multi-hop payments rely on a 2-phase commit protocol to achieve balance security; that is, no honest intermediary party loses her coins. Unfortunately, failures or attacks in this 2-phase commit protocol can lead to coins being committed (locked) in a payment for extended periods of time (in the order of days in the worst case). During these periods, parties cannot go offline without losing funds due to their existing commitments, even if they use watchtowers. Furthermore, they cannot use the locked funds for initiating or forwarding new payments, reducing their opportunities to use their coins and earn fees. We introduce Bailout, the first protocol that allows intermediary parties in a multi-hop payment to unlock their coins before the payment completes by re-routing the payment over an alternative path. We achieve this by creating a circular payment route starting from the intermediary party in the opposite direction of the original payment. Once the circular payment is locked, both payments are canceled for the intermediary party, which frees the coins of the corresponding channels. This way, we create an alternative route for the ongoing multi-hop payment without involving the sender or receiver. The parties on the alternative path are incentivized to participate through fees. We evaluate the utility of our protocol using a real-world Lightning Network snapshot. Bailouts may fail due to insufficient balance in alternative paths used for re-routing. We find that attempts of a node to bailout typically succeed with a probability of more than 94% if at least one alternative path exists