Yankai Xie,Qingtao Wang,Ruoyue Li,Chi Zhang,Lingbo Wei

DOI: https://doi.org/10.1109/tsc.2023.3290605

IF: 11.019

2023-01-01

IEEE Transactions on Services Computing

Abstract:Running a typical Bitcoin client (also called full node) needs more than 444 GB of disk space, considerable time, and computational resources to synchronize the entire blockchain, which is infeasible for resource-constrained devices. To address such concerns, the lightweight Bitcoin client proposed by Satoshi outsources most of computational and storage burdens to full nodes. Unfortunately, interacting with full nodes to query transactions leaks considerable information like addresses and transactions of lightweight client users. Thus, Bitcoin users that rely on lightweight clients are subject to de-anonymization, which defeats users privacy. Traditional schemes cannot support lightweight clients to query transactions from full nodes in an efficient yet privacy-preserving way. In this paper, we propose a new efficient yet privacy-preserving transaction query scheme that specially targets the missing support for lightweight clients. We identify unique characteristics of the Bitcoin blockchain and craft a highly customized private information retrieval scheme called BIT-PIR to match the Bitcoin transaction query scenario and boost performances. Moreover, we customize a storage structure of the Bitcoin blockchain so that it further improves the query efficiency of our scheme. Finally, we develop a prototype implementation to demonstrate the feasibility of our proposed scheme.

computer science, information systems, software engineering

Archana Chhabra,Rahul Saha,Gulshan Kumar

DOI: https://doi.org/10.1007/s10586-024-04387-6

2024-04-09

Cluster Computing

Abstract:The advent of blockchain technology has revolutionized Internet-of-Thing (IoT) systems offering immutable and transparent ledger mechanisms. However, this transformative technology has also brought significant challenges related to user privacy. Though the existing solutions offer various privacy enrichment in blockchain systems through cryptographic methods, the problems of deanonymization (the issue of revealing users' identities) and linkability of transactions still persist. Furthermore, recent reported news also shows privacy leakages in blockchain systems. Thus, we require a comprehensive privacy-assured blockchain framework to address the above-mentioned problems. In this paper, we introduce a novel privacy-preserving framework for blockchain transactions along with private information retrieval (PIR) to combat the above-mentioned privacy issues in blockchains. We call our proposed approach "PRIvacy-ensured framework for Blockchain trANsactions with pIr (PRIBANI)". PRIBANI uses randomizing ring signatures, Public key Encryption-based Keyword Search (PEKS), and PIR techniques to protect the privacy of the user and the history of the transaction data. We run a set of experiments on our proposed PRIBANI to evaluate the privacy attainment of the framework based on user anonymity, transaction anonymity, and unlinkability. We also compare PRIBANI with state-of-the-art models and show that PRIBANI gives a better throughput with an average of 56 transactions per second (TPS) and incurs low latency which is approximately 5% less than the existing schemes and an average communication overhead of 3.2 kilobytes (kbytes). Overall, PRIBANI is efficient in executing privacy-ensured blockchain transactions.

computer science, information systems, theory & methods

Ya-nan Li,Tian Qiu,Qiang Tang

DOI: https://doi.org/10.48550/arXiv.2309.01667

2023-09-04

Abstract:Cryptocurrency exchange platforms such as Coinbase, Binance, enable users to purchase and sell cryptocurrencies conveniently just like trading stocks/commodities. However, because of the nature of blockchain, when a user withdraws coins (i.e., transfers coins to an external on-chain account), all future transactions can be learned by the platform. This is in sharp contrast to conventional stock exchange where all external activities of users are always hidden from the platform. Since the platform knows highly sensitive user private information such as passport number, bank information etc, linking all (on-chain) transactions raises a serious privacy concern about the potential disastrous data breach in those cryptocurrency exchange platforms. In this paper, we propose a cryptocurrency exchange that restores user anonymity for the first time. To our surprise, the seemingly well-studied privacy/anonymity problem has several new challenges in this setting. Since the public blockchain and internal transaction activities naturally provide many non-trivial leakages to the platform, internal privacy is not only useful in the usual sense but also becomes necessary for regaining the basic anonymity of user transactions. We also ensure that the user cannot double spend, and the user has to properly report accumulated profit for tax purposes, even in the private setting. We give a careful modeling and efficient construction of the system that achieves constant computation and communication overhead (with only simple cryptographic tools and rigorous security analysis); we also implement our system and evaluate its practical performance.

Cryptography and Security

Syed Mahbub Hafiz,Chitrabhanu Gupta,Warren Wnuck,Brijesh Vora,Chen-Nee Chuah

2024-03-20

Abstract:Private information retrieval (PIR), a privacy-preserving cryptographic tool, solves a simplified version of this problem by hiding the database item that a client accesses. Most PIR protocols require the client to know the exact row index of the intended database item, which cannot support the complicated aggregation-based statistical query in a similar setting. Some works in the PIR space contain keyword searching and SQL-like queries, but most need multiple interactions between the PIR client and PIR servers. Some schemes support searching SQL-like expressive queries in a single round but fail to enable aggregate queries. These schemes are the main focus of this paper. To bridge the gap, we have built a general-purpose novel information-theoretic PIR (IT-PIR) framework that permits a user to fetch the aggregated result, hiding all sensitive sections of the complex query from the hosting PIR server in a single round of interaction. In other words, the server will not know which records contribute to the aggregation. We then evaluate the feasibility of our protocol for both benchmarking and real-world application settings. For instance, in a complex aggregate query to the Twitter microblogging database of 1 million tweets, our protocol takes 0.014 seconds for a PIR server to generate the result when the user is interested in one of 3K user handles. In contrast, for a much-simplified task, not an aggregate but a positional query, Goldberg's regular IT-PIR (Oakland 2007) takes 1.13 seconds. For all possible user handles, 300K, it takes equal time compared to the regular IT-PIR. This example shows that complicated aggregate queries through our framework do not incur additional overhead if not less, compared to the conventional query.

Computer Science

Yuxian Li,Jian Weng,Wei Wu,Ming Li,Yingjiu Li,Haoxin Tu,Yongdong Wu,Robert.H. Deng

DOI: https://doi.org/10.1016/j.jpdc.2023.104721

IF: 4.542

2023-06-03

Journal of Parallel and Distributed Computing

Abstract:Blockchain systems, one of the most popular distributed systems, are well-applied in various scenarios, e.g., logistics and finance. However, traditional blockchain systems suffer from scalability issues. To tackle this issue, Payment Channel Hubs (PCHs) are proposed. Recent efforts, such as A2L (SP'21) and Teechain (SOSP'19), enhance the privacy, reusability, and interoperability properties of PCHs. Nevertheless, these solutions have intrinsic limitations: they rely on trusted hardware or suffer from the deposit lock-in problem. Furthermore, the functionalities of some of these solutions are restricted to fixed-amount payments and do not support multi-party participation. These aforementioned problems limit their capabilities to alleviate blockchain scalability issues. In this paper, we propose PRI, a novel PCH solution that simultaneously guarantees transaction P rivacy (i.e., relationship unlinkability and value confidentiality), deposit R eusability, and blockchain I nteroperability, which can mitigate the aforementioned problems. PRI is constructed by several new building blocks, including (1) an atomic deposit protocol that enforces user and hub to deposit equivalent assets in a shared address for building a fair payment channel; (2) a privacy-preserving deposit certification scheme that leverages the Pointcheval and Sanders signature and non-interactive zero-knowledge proof to resolve the deposit lock-in issue in maintaining payment channels; (3) a range proof which ensures the legality and confidentiality of transaction values. We conduct extensive experimental evaluations of PRI, demonstrating that it improves the state-of-the-art approaches in terms of performance.

computer science, theory & methods

Shang, Shuai,Wang, Haolin,Cai, Ziwen,Zhao, Yun,Li, Xiong

DOI: https://doi.org/10.1007/s11235-024-01162-1

2024-05-29

Telecommunication Systems

Abstract:Private information retrieval, which allows users to securely retrieve information stored in a single server or multiple servers without disclosing any query content to the server, has attracted much attention in recent years. However, most of the existing private information retrieval schemes cannot achieve data retrieval and data integrity authentication simultaneously. To address the above challenges, this paper proposes a verifiable private information retrieval scheme based on parity in a single-server architecture. Specifically, the data owner generates parity information for each data and extends the original database. Then the data owner generates hint information for the query client, and according to the inverse of the hint information, the matrix confusion and permutation of the extensible database are carried out on the database and the hint information is sent to the client. The client selects the corresponding element in the hint to generate the query vector and executes the reconstruction and verification phase after receiving the answer to accomplish the retrieval process. A series of security games prove that this scheme meets the privacy requirements defined by the PIR scheme, and experimental analysis shows that compared with related schemes, our scheme has certain advantages in time cost. The time of verification information generation is 0.3% of APIR and FMAPIR, the reconstruction time is 1.6% of APIR and 1.1% of FMAPIR and the query time is much less than them.

telecommunications

Miti Mazmudar,Shannon Veitch,Rasoul Akhavan Mahdavi

2024-11-26

Abstract:The InterPlanetary File System (IPFS) is a peer-to-peer network for storing data in a distributed file system, hosting over 190,000 peers spanning 152 countries. Despite its prominence, the privacy properties that IPFS offers to peers are severely limited. Any query within the network leaks the queried content to other peers. We address IPFS' privacy leakage across three functionalities (peer routing, provider advertisements, and content retrieval), ultimately empowering peers to privately navigate and retrieve content in the network. Our work highlights and addresses novel challenges inherent to integrating PIR into distributed systems. We present our new, private protocols and demonstrate that they incur reasonably low communication and computation overheads. We also provide a systematic comparison of state-of-art PIR protocols in the context of distributed systems.

Cryptography and Security

QingChun ShenTu,JianPing Yu

DOI: https://doi.org/10.48550/arXiv.1509.06160

2015-09-21

Abstract:The anonymity of the Bitcoin system has some shortcomings. Analysis of Transaction Chain (ATC) and Analysis of Bitcoin Protocol and Network (ABPN) are two important methods of deanonymizing bitcoin transactions. Nowadays, there are some anonymization methods to combat ATC but there has been little research into ways to counter ABPN. This paper proposes a new anonymization technology called Transaction Remote Release (TRR). Inspired by The Onion Router (TOR), TRR is able to render several typical attacking methods of ABPN ineffective. Furthermore, the performance of encryption and decryption of TRR is good and the growth rate of the cipher is very limited. Hence, TRR is suited for practical applications.

Cryptography and Security

Hsuan-Yin Lin,Siddhartha Kumar,Eirik Rosnes,Alexandre Graell i Amat,Eitan Yaakobi

DOI: https://doi.org/10.48550/arXiv.2007.10174

2021-11-02

Abstract:Private information retrieval (PIR) protocols ensure that a user can download a file from a database without revealing any information on the identity of the requested file to the servers storing the database. While existing protocols strictly impose that no information is leaked on the file's identity, this work initiates the study of the tradeoffs that can be achieved by relaxing the perfect privacy requirement. We refer to such protocols as weakly-private information retrieval (WPIR) protocols. In particular, for the case of multiple noncolluding replicated servers, we study how the download rate, the upload cost, and the access complexity can be improved when relaxing the full privacy constraint. To quantify the information leakage on the requested file's identity we consider mutual information (MI), worst-case information leakage, and maximal leakage (MaxL). We present two WPIR schemes, denoted by Scheme A and Scheme B, based on two recent PIR protocols and show that the download rate of the former can be optimized by solving a convex optimization problem. We also show that Scheme A achieves an improved download rate compared to the recently proposed scheme by Samy et al. under the so-called $\epsilon$-privacy metric. Additionally, a family of schemes based on partitioning is presented. Moreover, we provide an information-theoretic converse bound for the maximum possible download rate for the MI and MaxL privacy metrics under a practical restriction on the alphabet size of queries and answers. For two servers and two files, the bound is tight under the MaxL metric, which settles the WPIR capacity in this particular case. Finally, we compare the performance of the proposed schemes and their gap to the converse bound.

Information Theory

Quang Cao,Hong Yen Tran,Son Hoang Dau,Xun Yi,Emanuele Viterbo,Chen Feng,Yu-Chih Huang,Jingge Zhu,Stanislav Kruglik,Han Mao Kiah

2023-09-25

Abstract:A private information retrieval (PIR) scheme allows a client to retrieve a data item $x_i$ among $n$ items $x_1,x_2,\ldots,x_n$ from $k$ servers, without revealing what $i$ is even when $t < k$ servers collude and try to learn $i$. Such a PIR scheme is said to be $t$-private. A PIR scheme is $v$-verifiable if the client can verify the correctness of the retrieved $x_i$ even when $v \leq k$ servers collude and try to fool the client by sending manipulated data. Most of the previous works in the literature on PIR assumed that $v < k$, leaving the case of all-colluding servers open. We propose a generic construction that combines a linear map commitment (LMC) and an arbitrary linear PIR scheme to produce a $k$-verifiable PIR scheme, termed a committed PIR scheme. Such a scheme guarantees that even in the worst scenario, when all servers are under the control of an attacker, although the privacy is unavoidably lost, the client won't be fooled into accepting an incorrect $x_i$. We demonstrate the practicality of our proposal by implementing the committed PIR schemes based on the Lai-Malavolta LMC and three well-known PIR schemes using the GMP library and blst, the current fastest C library for elliptic curve pairings.

Cryptography and Security,Databases,Information Retrieval

Haaroon Yousaf

DOI: https://doi.org/10.48550/arXiv.2203.14684

2022-03-28

Abstract:This thesis presents techniques to investigate transactions in uncharted cryptocurrencies and services. Cryptocurrencies are used to securely send payments online. Payments via the first cryptocurrency, Bitcoin, use pseudonymous addresses that have limited privacy and anonymity guarantees. Research has shown that this pseudonymity can be broken, allowing users to be tracked using clustering and tagging heuristics. Such tracking allows crimes to be investigated. If a user has coins stolen, investigators can track addresses to identify the destination of the coins. This, combined with an explosion in the popularity of blockchain, has led to a vast increase in new coins and services. These offer new features ranging from coins focused on increased anonymity to scams shrouded as smart contracts. In this study, we investigated the extent to which transaction privacy has improved and whether users can still be tracked in these new ecosystems. We began by analysing the privacy-focused coin Zcash, a Bitcoin-forked cryptocurrency, that is considered to have strong anonymity properties due to its background in cryptographic research. We revealed that the user anonymity set can be considerably reduced using heuristics based on usage patterns. Next, we analysed cross-chain transactions collected from the exchange ShapeShift, revealing that users can be tracked as they move across different ledgers. Finally, we present a measurement study on the smart-contract pyramid scheme Forsage, a scam that cycled $267 million USD (of Ethereum) within its first year, showing that at least 88% of the participants in the scheme suffered a loss. The significance of this study is the revelation that users can be tracked in newer cryptocurrencies and services by using our new heuristics, which informs those conducting investigations and developing these technologies.

Cryptography and Security

Cheng Huang 0001,Anjia Yang,Dongxiao Liu,Rongxing Lu,Xuemin Sherman Shen

DOI: https://doi.org/10.1109/iccc57788.2023.10233605

2023-01-01

Abstract:In this paper, we propose a high-throughput, logarithmic-bandwidth private information retrieval (PIR) scheme, which enables a client to securely retrieve any record from a database replicated on two remote servers without revealing the record index. Specifically, based on the puncturable pseudorandom function (PPRF), a client first leverages randomized mapping to locate a logarithmic-size punctured PRF key capable of replacing a randomized set of arbitrary size while concealing a chosen element within the set. With the key, the client then generates corresponding PIR queries for two servers, achieving logarithmic communication complexity. Upon receiving the queries, the servers independently perform level-I PPRF evaluations on partitioned databases, i.e., buckets, to obtain intermediate results, and cooperatively perform level-II PPRF evaluations on these results to provide fast PIR responses. The two-level recursive approach can significantly reduce the servers’ computational complexity from linear to sublinear, ensuring high throughput. Finally, we conduct a comprehensive security analysis and develop a proof-of-concept prototype to demonstrate the efficiency and security of the proposed PIR scheme.

Jian Liu,Jingyu Li,Di Wu,Kui Ren

DOI: https://doi.org/10.1109/sp54263.2024.00039

2024-01-01

Abstract:Private information retrieval (PIR) is a cryptographic protocol that enables a wide range of privacy-preserving applications. Despite being extensively studied for decades, it is still not efficient enough to be used in practice. In this paper, we propose a novel PIR protocol named PIRANA, based on the recent advances in constant-weight codes. It is up to 188.6× faster than the original constant-weight PIR (presented in Usenix SEC ’22). Most importantly, PIRANA naturally supports multi-query. It allows a client to retrieve a batch of elements from the server with a very small extra-cost compared to retrieving a single element, which results in up to an 14.4× speedup over the state-of-the-art multi-query PIR (presented in Oakland ’23). We also discuss a way to extend PIRANA to labeled private set intersection (LPSI). Compared with existing LPSI protocols, PIRANA is more friendly to the scenarios where the database updates frequently.

Stanislav Kruglik,Son Hoang Dau,Han Mao Kiah,Huaxiong Wang,Liang Feng Zhang

DOI: https://doi.org/10.1109/tifs.2024.3453550

IF: 7.231

2024-09-20

IEEE Transactions on Information Forensics and Security

Abstract:Private Information Retrieval (PIR) protocols allow a client to retrieve any file of interest while keeping the files identity hidden from the database servers. While many existing PIR protocols assume servers to be honest but curious, we investigate the scenario of dishonest servers that provide incorrect answers to mislead clients into obtaining wrong results. We propose a unified framework for polynomial PIR protocols encompassing various existing protocols that optimize the download rate or total communication cost. We introduce a way to transform a polynomial PIR to a verifiable one without increasing the number of involved servers by doubling the queries. The security guarantees can be information-theoretic or computational, and the verification keys can be public or private. Moreover, in one of our protocols, the ratio between the additional download overhead associated with verification and the normal download cost approaches zero as the file size goes to infinity.

computer science, theory & methods,engineering, electrical & electronic

Vy-An Phan

DOI: https://doi.org/10.48550/arXiv.1905.09478

2019-05-13

Cryptography and Security

Abstract:Despite increasing advancements in today's information exchange infrastructure, the preservation of user data and privacy still remains a problem. Both insecure baselines and secure solutions leak user data. For example, Certificate Transparency (CT) promises significant security improvements to existing Public Key Infrastructure solutions that up-to-now have solely relied on the Certificate Authority hierarchy. CT provides a robust auditing layer and transparency solution to quickly detect such compromises, but introduces the requirement that client browsers interact with third-party servers when validating a site certificate. In the existing CT system, these requests leak information about each user's browsing habits to the hosting server. It is not a stretch to think that this valuable data could be collected and exploited, as corporations and governments have plenty of financial and political incentive to do so. In this project, we seek to address this problem by using an oblivious file sharing system with strong anonymity properties, to provide a more scalable, performant solution to privacy-preserving queries.

Xingyu Lyu,Mengya Zhang,Xiaokuan Zhang,Jianyu Niu,Yinqian Zhang,Zhiqiang Lin

DOI: https://doi.org/10.48550/arXiv.2208.02858

2022-08-05

Abstract:Recently, Decentralized Finance (DeFi) platforms on Ethereum are booming, and numerous traders are trying to capitalize on the opportunity for maximizing their benefits by launching front-running attacks and extracting Miner Extractable Values (MEVs) based on information in the public mempool. To protect end users from being harmed and hide transactions from the mempool, private transactions, a special type of transactions that are sent directly to miners, were invented. Private transactions have a high probability of being packed to the front positions of a block and being added to the blockchain by the target miner, without going through the public mempool, thus reducing the risk of being attacked by malicious entities. Despite the good intention of inventing private transactions, due to their stealthy nature, private transactions have also been used by attackers to launch attacks, which has a negative impact on the Ethereum ecosystem. However, existing works only touch upon private transactions as by-products when studying MEV, while a systematic study on private transactions is still missing. To fill this gap and paint a complete picture of private transactions, we take the first step towards investigating the private transactions on Ethereum. In particular, we collect large-scale private transaction datasets and perform analysis on their characteristics, transaction costs and miner profits, as well as security impacts. This work provides deep insights on different aspects of private transactions.

Cryptography and Security

Wenyuan Zhao,Yu Shin Huang,Ruida Zhou,Chao Tian

2024-02-28

Abstract:We study the problem of weakly private information retrieval (PIR) when there is heterogeneity in servers' trustfulness under the maximal leakage (Max-L) metric and mutual information (MI) metric. A user wishes to retrieve a desired message from N non-colluding servers efficiently, such that the identity of the desired message is not leaked in a significant manner; however, some servers can be more trustworthy than others. We propose a code construction for this setting and optimize the probability distribution for this construction. For the Max-L metric, it is shown that the optimal probability allocation for the proposed scheme essentially separates the delivery patterns into two parts: a completely private part that has the same download overhead as the capacity-achieving PIR code, and a non-private part that allows complete privacy leakage but has no download overhead by downloading only from the most trustful server. The optimal solution is established through a sophisticated analysis of the underlying convex optimization problem, and a reduction between the homogeneous setting and the heterogeneous setting. For the MI metric, the homogeneous case is studied first for which the code can be optimized with an explicit probability assignment, while a closed-form solution becomes intractable for the heterogeneous case. Numerical results are provided for both cases to corroborate the theoretical analysis.

Information Theory

Jun-Woo Tak,Sang-Hyo Kim,Yongjune Kim,Jong-Seon No

DOI: https://doi.org/10.48550/arXiv.2105.08114

2021-05-18

Abstract:Private information retrieval (PIR) is a protocol that guarantees the privacy of a user who is in communication with databases. The user wants to download one of the messages stored in the databases while hiding the identity of the desired message. Recently, the benefits that can be obtained by weakening the privacy requirement have been studied, but the definition of weak privacy needs to be elaborated upon. In this paper, we attempt to quantify the weak privacy (i.e., information leakage) in PIR problems by using the Rényi divergence that generalizes the Kullback-Leibler divergence. By introducing Rényi divergence into the existing PIR problem, the tradeoff relationship between privacy (information leakage) and PIR performance (download cost) is characterized via convex optimization. Furthermore, we propose an alternative PIR scheme with smaller message sizes than the Tian-Sun-Chen (TSC) scheme. The proposed scheme cannot achieve the PIR capacity of perfect privacy since the message size of the TSC scheme is the minimum to achieve the PIR capacity. However, we show that the proposed scheme can be better than the TSC scheme in the weakly PIR setting, especially under a low download cost regime.

Information Theory,Signal Processing

Julien Lavauzelle

DOI: https://doi.org/10.1109/tit.2018.2861747

IF: 2.5

2019-02-01

IEEE Transactions on Information Theory

Abstract:Private information retrieval (PIR) protocols allow a user to retrieve entries of a database without revealing the index of the desired item. Information-theoretical privacy can be achieved by the use of several servers and specific retrieval algorithms. Most known PIR protocols focus on decreasing the number of bits exchanged between the client and the server(s) during the retrieval process. On another side, Fazeli et al. introduced so-called PIR codes in order to reduce the storage overhead on the servers. However, few works address the issue of the computation complexity of the servers. In this paper, we show that a specific encoding of the database yields PIR protocols with reasonable communication complexity, low storage overhead, and optimal computational complexity for the servers. This encoding is based on incidence matrices of transversal designs, from which a natural and efficient recovering algorithm is derived. We also present several instances for our construction, which make use of finite geometries and orthogonal arrays. We finally give a generalization of our main construction in order to resist collusions of servers.

Kai Wang,Weili Han,Chen Chen,Haoran Chen,Dapeng Huang

DOI: https://doi.org/10.1109/NaNA56854.2022.00037

2022-12-01

Abstract:Cryptocurrencies like Bitcoin have become a popular weapon for illegal activities. They have the characteristics of decentralization and anonymity, which can effectively avoid the supervision of government departments. How to de-anonymize Bitcoin transactions is a crucial issue for regulatory and judicial investigation departments to supervise and combat crimes involving Bitcoin effectively. This paper aims to de-anonymize Bitcoin transactions and present a Bitcoin transaction traceability method based on Bitcoin network traffic analysis. According to the characteristics of the physical network that the Bitcoin network relies on, the Bitcoin network traffic is obtained at the physical convergence point of the local Bitcoin network. By analyzing the collected network traffic data, we realize the traceability of the input address of Bitcoin transactions and test the scheme in the distributed Bitcoin network environment. The experimental results show that this traceability mechanism is suitable for nodes connected to the Bitcoin network (except for VPN, Tor, etc.), and can obtain 47.5% recall rate and 70.4% precision rate, which are promising in practice.

Computer Science