Credit Network Payment Systems: Security, Privacy and Decentralization

A credit network models transitive trust between users and enables transactions between arbitrary pairs of users. With their flexible design and robustness against intrusions, credit networks form the basis of Sybil-tolerant social networks, spam-resistant communication protocols, and payment settlement systems. For instance, the Ripple credit network is used today by various banks worldwide as their backbone for cross-currency transactions. Open credit networks, however, expose users’ credit links as well as the transaction volumes to the public. This raises a significant privacy concern, which has largely been ignored by the research on credit networks so far. In this state of affairs, this dissertation makes the following contributions. First, we perform a thorough study of the Ripple network that analyzes and characterizes its security and privacy issues. Second, we define a formal model for the security and privacy notions of interest in a credit network. This model lays the foundations for secure and privacy-preserving credit networks. Third, we build PathShuffle, the first protocol for atomic and anonymous transactions in credit networks that is fully compatible with the currently deployed Ripple and Stellar credit networks. Finally, we build SilentWhispers, the first provably secure and privacy-preserving transaction protocol for decentralized credit networks. SilentWhispers can be used to simulate Ripple transactions while preserving the expected security and privacy guarantees

Exploring Confidentiality Issues in Hyperledger Fabric Business Applications

The rise of Bitcoin and cryptocurrencies over the last decade have made its underlying technology (blockchain) come into the spotlight. Blockchain is a secure ledger of linked records called blocks. These records are cryptographically immutable and any tampering with the block is evident through a change in the cryptographic signature of the block. Among the blockchains deployed in practice today, Hyperledger Fabric is a platform that allows businesses to make use of blockchains in their applications. However, confidentiality issues arise with respects to the blocks in this blockchain network due to the fact that blocks might contain sensitive information accessible to all peers with a copy of the blockchain. In this work, we aim to address the confidentiality issue present in current Hyperledger Fabric. Our current approach consists of leveraging cryptographic techniques to ensure the confidentiality of the shared data in the blockchain along with crafted access control policies so that only authorized peers can access the otherwise concealed data. This becomes a crucial requirement especially with business models that require their transaction information to be concealed. Recent results show that the use encryption along with interesting access control policies allow obfuscation of data for desired outside entities, although more work is required

Mixing Confidential Transactions: Comprehensive Transaction Privacy for Bitcoin

The public nature of the blockchain has been shown to be a severe threat for the privacy of Bitcoin users. Even worse, since funds can be tracked and tainted, no two coins are equal, and fungibility, a fundamental property required in every currency, is at risk. With these threats in mind, several privacy-enhancing technologies have been proposed to improve transaction privacy in Bitcoin. However, they either require a deep redesign of the currency, breaking many currently deployed features, or they address only specific privacy issues and consequently provide only very limited guarantees when deployed separately. The goal of this work is to overcome this trade-off. Building on CoinJoin, we design ValueShuffle, the first coin mixing protocol compatible with Confidential Transactions, a proposed enhancement to the Bitcoin protocol to hide payment values in the blockchain. ValueShuffle ensures the anonymity of mixing participants as well as the confidentiality of their payment values even against other possibly malicious mixing participants. By combining CoinJoin with Confidential Transactions and additionally Stealth Addresses, ValueShuffle provides comprehensive privacy (payer anonymity, payee anonymity, and payment value privacy) without breaking with fundamental design principles or features of the current Bitcoin system. Assuming that Confidential Transactions will be integrated in the Bitcoin protocol, ValueShuffle makes it possible to mix funds of different value as well as to mix and spend funds in the same transaction, which overcomes the two main limitations of previous coin mixing protocols

Análisis, diseño y optimización de una red local con intervlans troncalizadas y seguridad de acceso mediante la aplicación de acls

En esta tesis diseñamos una red local con 3 VLANS, las cuales se comunican entre ellas de manera troncalizada, para este propósito empleamos un router que permite la comunicación entre ellas. Sobre nuestro diseño implementamos los 4 principales protocolos de enrutamiento que existen en la actualidad que son: RIP V1, RIP V2, IGRP, y, EIGRP, siendo estos dos últimos protocolos propietarios de la marca CISCO. Realizamos pruebas de conectividad entre los distintos dispositivos que conformaron nuestra red, aplicando cada uno de los protocolos de enrutamiento detallados en este resumen, escogimos el mejor en base a la escalabilidad y convergencia, sobre la configuración de los routers con el protocolo seleccionado se aplicaron ACLS a las interfases tanto físicas como virtuales de los routers, con lo cual comprobamos el correcto funcionamiento de las ACLS. También se efectuaron pruebas de redundancia aplicando Etherchannel, tecnología propietaria de CISCO, se simularon caídas de enlace, verificando de esta manera la continuidad de la conectividad de nuestra re

Descripción de las unidades fonéticas y sintaxis fonológica del repertorio vocal del tití cabeciblanco (Saguinus oedipus) silvestre

We observed a population of cotton-top tamarins (Saguinus oedipus, Primates: Callitrichidae) in the municipality of Santa Catalina, Bolívar, northern Colombia. We observed them over 100 hours, and we recorded 16 hours of vocalizations, which were subsequently digitalized at 44.1 kHz, using Protools. We analyzed 2617 sounds with Raven 1.2, with the aim of identifying the phonetic units forming the vocal repertoire of this species, according to the following acoustic parameters: Duration (ms), change frequency (Hz), peak frequency (Hz), start frequency (Hz) and harmonics. In order to describe the vocal repertoire, the phonemes were classified into 11 groups, according to their form. The acoustic parameters were analyzed using confidence intervals, and 49 different sounds were identified. By assembling the phonetic units, 14 different vocalizations wer identified. The sounds emitted by cotton-top tamarins are of short duration (X= 0.0215 s). The lowest start frequency registered is 322.7 Hz and the highest is 13 956.5 Hz. The change in frequency ranges from 113.8 to 13 652.2 Hz. The peak frequencies range from 0 to 10 077.6 Hz. On the other hand, 37.4 % of sound lacks harmonics, and the remainder 62.6 % show between 1 and 12 harmonics.Estudiamos titíes cabeciblancos (Saguinus oedipus, Primates: Callitrichidae) durante más de 100 horas en el municipio de Santa Catalina, Bolívar norte de Colombia. Grabamos 16 horas de sus vocalizaciones, las cuales digitalizamos a 44.1 kHz, utilizando Protools. Analizamos 2617 sonidos con Raven 1.2, con el fin de identificar las unidades fonéticas que conforman el repertorio vocal de esta especie, de acuerdo a los siguientes parámetros acústicos: duración (ms), delta de frecuencia (Hz), pico de frecuencias (Hz), frecuencia de inicio (Hz) y cantidad de armónicos de cada unidad fonética. Para describir el repertorio vocal, clasificamos los fonemas en 11 grupos, según su forma. Con el análisis de los intervalos de confianza  de los parámetros acústicos, identificamos 49 sonidos diferentes. Mediante el ensamblaje de las unidades fonéticas, se identificaron 14 vocalizaciones diferentes.  Los sonidos emitidos por el tití cabeciblanco fueron de corta duración (X= 0.0215 s). La frecuencia de inicio más baja registrada fue de 322.7 Hz y la más alta de 13 956.5 Hz. El delta de frecuencias osciló entre 113.8 y 13 652.2 Hz., y el pico de frecuencias de 0 a 10 077.6 Hz. El 37.4 % de los sonidos emitidos por los titíes cabeciblancos carecen de armónicos y el 62.6 % restante presentan entre uno y doce armónicos

LedgerLocks: A Security Framework for Blockchain Protocols Based on Adaptor Signatures

The scalability and interoperability challenges in current cryptocurrencies have motivated the design of cryptographic protocols that enable efficient applications on top and across widely used cryptocurrencies such as Bitcoin or Ethereum. Examples of such protocols include (virtual) payment channels, atomic swaps, oracle-based contracts, deterministic wallets, and coin mixing services. Many of these protocols are built upon minimal core functionalities supported by a wide range of cryptocurrencies. Most prominently, adaptor signatures (AS) have emerged as a powerful tool for constructing blockchain protocols that are (mostly) agnostic to the specific logic of the underlying cryptocurrency. Even though AS-based protocols are built upon the same cryptographic principles, there exists no modular and faithful way for reasoning about their security. Instead, all the works analyzing such protocols focus on reproving how adaptor signatures are used to cryptographically link transactions while considering highly simplified blockchain models that do not capture security-relevant aspects of transaction execution in blockchain-based consensus. To help this, we present LedgerLocks, a framework for the secure design of AS-based blockchain applications in the presence of a realistic blockchain. LedgerLocks defines the concept of AS-locked transactions, transactions whose publication is bound to the knowledge of a cryptographic secret. We argue that AS-locked transactions are the common building block of AS-based blockchain protocols and we define $\mathcal{G}_{\mathsf{LedgerLocks}}$, a realistic ledger model in the Universal Composability framework with built-in support for AS-locked transactions. As LedgerLocks abstracts from the cryptographic realization of AS-locked transactions, it allows protocol designers to focus on the blockchain-specific security considerations instead

R3C3: Cryptographically secure Censorship Resistant Rendezvous using Cryptocurrencies

Cryptocurrencies and blockchains are set to play a major role in the financial and supply-chain systems. Their presence and acceptance across different geopolitical corridors, including in repressive regimes, have been one of their striking features. In this work, we leverage this popularity for bootstrapping censorship resistant (CR) communication. We formalize the notion of stego-bootstrapping scheme and formally describe the security notions of the scheme in terms of rareness and security against chosen-covertext attacks. We present R3C3, a Cryptographically secure Censorship-Resistant Rendezvous using Cryptocurrencies. R3C3 allows a censored user to interact with a decoder entity outside the censored region, through blockchain transactions as rendezvous, to obtain bootstrapping information such as a CR proxy and its public key. Unlike the usual bootstrapping approaches (e.g., emailing) with heuristic security if any, R3C3 employs public-key steganography over blockchain transactions to ensure cryptographic security, while the blockchain transaction costs may deter the entry-point harvesting attacks. We develop bootstrapping rendezvous over Bitcoin, Zcash, Monero and Ethereum as well as the typical mining process, and analyze their effectivity in terms of cryptocurrency network volume and introduced monetary cost. With its highly cryptographic structure, Zcash is an outright winner for normal users with 1168 byte bandwidth per transaction costing only 0.03 USD as the fee, while mining pool managers have a free, extremely high bandwidth rendezvous when they mine a block

A2{^2}L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs

Payment channel hubs (PCHs) constitute a promising solution to the inherent scalability problems of blockchain technologies, allowing for off-chain payments between sender and receiver through an intermediary, called the tumbler. While state-of-the-art PCHs provide security and privacy guarantees against a malicious tumbler, they do so by relying on the scripting-based functionality available only at few cryptocurrencies, and they thus fall short of fundamental properties such as backwards compatibility and efficiency. In this work, we present the first PCH protocol to achieve all aforementioned properties. Our PCH builds upon A${^2}$L, a novel cryptographic primitive that realizes a three-party protocol for conditional transactions, where the tumbler pays the receiver only if the latter solves a cryptographic challenge with the help of the sender, which implies the sender has paid the tumbler. We prove the security and privacy guarantees of A${^2}$L (which carry over to our PCH construction) in the Universal Composability framework and present a provably secure instantiation based on adaptor signatures and randomizable puzzles. We implemented A${^2}$L and compared it to TumbleBit, the state-of-the-art Bitcoin-compatible PCH. Asymptotically, A${^2}$L has a communication complexity that is constant, as opposed to linear in the security parameter like in TumbleBit. In practice, A${^2}$L requires $\sim33$x less bandwidth than TumleBit, while retaining the computational cost (or providing $2$x speedup with a preprocessing technique). This demonstrates that A${^2}$L (and thus our PCH construction) is ready to be deployed today. In theory, we demonstrate for the first time that it is possible to design a secure and privacy-preserving PCH while requiring only digital signatures and timelock functionality from the underlying scripting language. In practice, this result makes our PCH backwards compatible with virtually all cryptocurrencies available today, even those offering a highly restricted form of scripting language such as Ripple or Stellar. The practical appealing of our construction has resulted in a proof-of-concept implementation in the COMIT Network, a blockchain technology focused on cross-currency payments