Zhaohua Chen,Guang Yang

DOI: https://doi.org/10.48550/arXiv.2008.10895

2021-07-13

Abstract:Asset custody is a core financial service in which the custodian holds in-safekeeping assets on behalf of the client. Although traditional custody service is typically endorsed by centralized authorities, decentralized custody scheme has become technically feasible since the emergence of digital assets, and furthermore, it is greatly needed by new applications such as blockchain and DeFi (Decentralized Finance). In this work, we propose a framework of decentralized asset custody scheme that is able to support a large number of custodians and safely hold customer assets of multiple times the value of the total security deposit. The proposed custody scheme distributes custodians and assets into many custodian groups via combinatorial designs, where each group fully controls the assigned assets. Since every custodian group is small, the overhead cost is significantly reduced. The liveness is also improved because even a single alive group would be able to process transactions. The security of this custody scheme is guaranteed under the rational adversary model, such that any adversary corrupting a bounded fraction of custodians cannot move assets more than the security deposit paid. We further analyze the security and performance of our constructions from both theoretical and experimental sides and give explicit examples with concrete numbers and figures for a better understanding of our results.

Cryptography and Security,Data Structures and Algorithms

Jacob Tyge Goker Swambo

2023-10-18

Abstract:The broad topic of this thesis is the design and analysis of Bitcoin custody systems. Both the technology and threat landscape are evolving constantly. Therefore, custody systems, defence strategies, and risk models should be adaptive too. We introduce Bitcoin custody by describing the different types, design principles, phases and functions of custody systems. We review the technology stack of these systems and focus on the fundamentals; key-management and privacy. We present a perspective we call the systems view. It is an attempt to capture the full complexity of a custody system, including technology, people, and processes. We review existing custody systems and standards. We explore Bitcoin covenants. This is a mechanism to enforce constraints on transaction sequences. Although previous work has proposed how to construct and apply Bitcoin covenants, these require modifying the consensus rules of Bitcoin, a notoriously difficult task. We introduce the first detailed exposition and security analysis of a deleted-key covenant protocol, which is compatible with current consensus rules. We demonstrate a range of security models for deleted-key covenants which seem practical, in particular, when applied in autonomous (user-controlled) custody systems. We conclude with a comparative analysis with previous proposals. Covenants are often proclaimed to be an important primitive for custody systems, but no complete design has been proposed to validate that claim. To address this, we propose an autonomous custody system called Ajolote which uses deleted-key covenants to enforce a vault sequence. We evaluate Ajolote with; a model of its state dynamics, a privacy analysis, and a risk model. We propose a threat model for custody systems which captures a realistic attacker for a system with offline devices and user-verification. We perform ceremony analysis to construct the risk model.

Cryptography and Security

Chit-Jie Chew,Wei-Bin Lee,Tzu-Hao Chen,Iuon-Chang Lin,Jung-San Lee

DOI: https://doi.org/10.1109/tnse.2024.3375921

IF: 6.6

2024-01-01

IEEE Transactions on Network Science and Engineering

Abstract:The rise of cybercrime has led to an explosion of threats in recent years, resulting in the increasingly important of digital forensics. To achieve successful investigation and prosecution, the log preservation is a critical aspect of incident response. The blockchain technology is considered as one of the powerful log storage mechanism, which bringing data transparency and non-tempering property aside from taking off the hypothesis of a trusted third party. Nevertheless, the sensitivity of the data makes it vulnerable to malicious attacks, and the adoption of blockchain has significantly burdened participants regarding consensus time and storage. To address these challenges, we aim to develop a custody dual blockchain (CDB) to secure the confidentiality and integrity of log data. The design of reputation consensus attains that only attractive participants need to offer computation and storage for efficiency enhancing, while the energy regime constructs a positive feedback loop that invigorates users to contribute to CDB. Moreover, the obfuscation shuffle effectively obscures the explicit log plaintext to prevent illegal access. Thus, the confidential data on the CDB nodes can even be used as evidence of digital forensics. Simulation results have demonstrated that the ledger overhead can be significantly reduced, and CDB could pass the robust examination of two formal proof tools: Proverif (Blanchet et al. 2021) and AVISPA [23].

engineering, multidisciplinary,mathematics, interdisciplinary applications

Fan Zhang,Philip Daian,Iddo Bentov

2018-01-01

Abstract:Conventional (M,N )-threshold signature schemes leave users with a painful choice. SettingM = N offers maximum resistance to key compromise. With this choice, though, loss of a single key renders the signing capability unavailable, creating paralysis in systems that use signatures for access control. Lower M improves availability, but at the expense of security. For example, a (3, 3)-multisignature cryptocurrency wallet experiences access-control paralysis upon loss of a single key, but a (2, 3)-multisig allows any two players to collude and steal funds from the third. In this paper, we introduce techniques that address this impasse by making general cryptographic access structures dynamic. Our schemes permit, e.g., a (3, 3)-multisig, to be downgraded to a (2, 3)multisig if a player goes missing. This downgrading is secure in the sense that it occurs only if a player is provably unavailable. Our main tool is what we call a Paralysis Proof, evidence that players, i.e., key holders, are unavailable or incapacitated. Using Paralysis Proofs, we show how to construct a Dynamic Access Structure System, which can securely and flexibly update target access structures without a trusted third party such as a system administrator. We present DASS constructions that combine a trust anchor (a trusted execution environment or smart contract) with a censorshipresistant channel in the form of a blockchain. We offer a formal framework for specifying DASS policies, and define and show how to achieve critical security and usability properties (safety, liveness, and paralysis-freeness) in a DASS. Paralysis Proofs can help address pervasive key-management challenges in many different settings. We present DASS schemes for three important example use cases: recovery of cryptocurrency funds should players become unavailable, returning funds to users when cryptocurrency custodians fail, and remediating critical smartcontract failures such as frozen funds. We report on practical implementations for Bitcoin and Ethereum.

Vivek Nair,Dawn Song

DOI: https://doi.org/10.1109/ICBC56567.2023.10174998

2023-06-14

Abstract:The average cryptocurrency user today faces a difficult choice between centralized custodial wallets, which are notoriously prone to spontaneous collapse, or cumbersome self-custody solutions, which if not managed properly can cause a total loss of funds. In this paper, we present a "best of both worlds" cryptocurrency wallet design that looks like, and inherits the user experience of, a centralized custodial solution, while in fact being entirely decentralized in design and implementation. In our design, private keys are not stored on any device, but are instead derived directly from a user's authentication factors, such as passwords, soft tokens (e.g., Google Authenticator), hard tokens (e.g., YubiKey), or out-of-band authentication (e.g., SMS). Public parameters (salts, one-time pads, etc.) needed to access the wallet can be safely stored in public view, such as on a public blockchain, thereby providing strong availability guarantees. Users can then simply "log in" to their decentralized wallet on any device using standard credentials and even recover from lost credentials, thereby providing the usability of a custodial wallet with the trust and security of a decentralized approach.

Cryptography and Security

Richard Walker,Rob Massey,Amy Steele,Tyler Welmans,Michelle Robinson,Elana Mourtil,Michael Marzelli,Linards Strauss,Pamela Calaquian,Ken Schulhof

DOI: https://doi.org/10.69554/kxek5506

2021-03-01

Abstract:Digital assets as an asset class has matured with increasing rates of adoption among retail and institutional investors. As custodians engage, they are facing unique complexities across many regulatory bodies, new varieties of audit and controls considerations and evolving risk frameworks. There are also opportunities for custodians to add new services, such as lending, staking and trading. Per Deloitte’s 2020 Blockchain Survey, 94 per cent of banking and capital markets executives said that they believe that digital assets will be at least somewhat important in the next three years. This paper explores various considerations for custodians of digital assets as explained from the various leaders within Deloitte’s digital asset practice.

Yuxin Tong,Xiang Xie,Kang Yang,Rui Zhang,Rui Xue

DOI: https://doi.org/10.1007/s10623-024-01379-w

IF: 1.4

2024-03-28

Designs Codes and Cryptography

Abstract:Ethereum, one of the most prominent and widely deployed blockchain systems, is undergoing a significant upgrade that adopts sharding for capacity expansion and secure multi-party computation (MPC) to enable distributed validator technology (DVT). However, it faces a data availability problem, where an adversary can cheat honest-but-lazy validators to propagate invalid blocks, thereby exposing Ethereum Sharding to vulnerabilities. To address this issue, proof of custody (PoC) was proposed. Regrettably, no practically effective MPC protocol is designed to securely and distributively compute PoC. In this paper, we present a concrete and efficient MPC protocol that enables the secure computation of PoC in the dishonest-majority malicious setting. First, we construct an efficient conversion protocol to convert secret sharings in two different prime fields using the doubly authenticated bits (daBits) technique. Second, an efficient MPC protocol is designed to compute scalar multiplication over an elliptic-curve group without requiring MPC to compute branching programs. Furthermore, we employ affine coordinates to compute group operations over an elliptic curve, leading to significant performance boosts compared to other coordinate systems. Finally, a concrete end-to-end implementation of the protocol is built, and its performance is evaluated. When the operations of a validator are collaboratively performed by seven parties, the online (resp., total) running time to generate one proof of custody is 0.02 s (resp., 559.6 s ) in LAN and 0.39 s (resp., 7904.2 s ) in WAN. The results demonstrate the practicality of the proposed protocol for Ethereum Sharding over a long period of time, such as 73 days.

mathematics, applied,computer science, theory & methods

Jingting Xue,Chunxiang Xu,Yuan Zhang,Lanhua Bai

DOI: https://doi.org/10.1007/978-3-030-05057-3_30

2018-01-01

Abstract:In this article, we propose a client-side encrypted distributed cloud storage system named DStore, which is constructed in a peer-to-peer networking environment. DStore allows data owners to rent the local idle disks of other peers to store personal data in a distributed manner without relying on centralized control by trusted third parties. For DStore, we propose a challenge-verification solution based on the Merkle hash tree to periodically audit the integrity of outsourced data. DStore employs smart contracts to generate records and achieve consensus regarding lease relationships. Upon completion of an audit, the smart contract verifies the audit result and automatically performs the payment operation. Finally, we conduct a comprehensive evaluation to ensure that DStore is secure and feasible.

Yu Guo,Yuxin Xi,Yifang Zhang,Mingyue Wang,Shengling Wang,Xiaohua Jia

DOI: https://doi.org/10.1109/tsc.2024.3441471

IF: 11.019

2024-10-11

IEEE Transactions on Services Computing

Abstract:Decentralized storage is recognized as a promising blockchain application for building trustworthy data-sharing services. Recently, privacy-preserving decentralized storage has attracted tremendous attention from the research community, due to the inherent transparent access properties of blockchain. That is, multi-users can search over encrypted data from multi-owners via untrusted storage servers. Private Set Intersection (PSI) is regarded as an ideal cryptographic scheme for this scenario because it allows multiple parties to collaboratively execute private set computations without revealing additional information. However, existing solutions do not consider the necessary verification and fault tolerance of PSI results, which is the indispensable security requirements in decentralized storage. To fill the gap, in this work, we introduce the first reliable PSI scheme for decentralized storage that provides results verifiability and fault tolerance for private set operations. Our design leverages authenticated indexing structures and Shamir's secret sharing algorithm for constructing our reliable PSI scheme with fault tolerance. To address the potential malicious behaviors of dishonest users or servers, we also propose a blockchain-assisted arbitration protocol that enables public arbitration in a privacy-preserving manner. We rigorously provide security analysis and complete the prototype implementation on Fabric. Extensive results demonstrate its practicability and feasibility for existing decentralized storage.

computer science, information systems, software engineering

Yaoliang Chen,Shi Chen,Jiao Liang,Lance Warren Feagan,Weili Han,Sheng Huang,X. Sean Wang

DOI: https://doi.org/10.1016/j.is.2020.101590

IF: 3.18

2020-01-01

Information Systems

Abstract:Blockchain is an emerging data management technology that enables people in a collaborative network to establish trusted connections with the other participants. Recently consortium blockchains have raised interest in a broader blockchain technology discussion. Instead of a fully public, autonomous network, consortium blockchain supports a network where participants can be limited to a subset of users and data access strictly controlled. Access control policies should be defined by the respective data owner and applied throughout the network without requiring a centralized data administrator. As a result, decentralized data access control (DDAC) emerges as a fundamental challenge for such systems. However, we show from a trust model for consortium collaborative networks that current consortium blockchain systems provide limited support for DDAC. Further, the distributed, replicated nature of blockchain makes it even more challenging to control data access, especially read access, compared with traditional DBMSes. We investigate possible strategies to protect data from being read by unauthorized users in consortium blockchain systems using combinations of ledger partitioning and encryption strategies. A general framework is proposed to help inexperienced users determine appropriate strategies under different application scenarios. The framework was implemented on top of Hyperledger Fabric to evaluate feasibility. Experimental results along with a real-world case study contrasted the performance of different strategies under various conditions and the practicality of the proposed framework.

Jingsi REN,Jinlin WANG,Xiao CHEN,Xiaozhou YE

DOI: https://doi.org/10.3969/j.issn.2095-347X.2017.04.002

2017-01-01

Abstract:Traditional ABE schemes rely on a single authority,which is not suitable for large-scale data storage.In order to solve this problem,we present a novel decentralized attribute-based access control scheme for cloud storage environment.The proposed scheme has the following features:①Multiple authorities are independent,without the need for any central authority or global coordination;②The scheme supports any LSSS access structure and can easily carry out fine-granted access control;③We apply proxy re-encryption technique to resolve the issue of user revocation in decentralized ABE schemes.Security analysis and performance assessment show that our scheme is reliable,and can take into account both flexibility and efficiency.

Zijian Zhou,Caimei Wang,Xiaoheng Deng,Jianhao Lu,Qilue Wen,Chen Zhang,Hong Li

2024-04-02

Abstract:Although the decentralized storage technology based on the blockchain can effectively realize secure data storage on cloud services. However, there are still some problems in the existing schemes, such as low storage capacity and low efficiency. To address related issues, we propose a novel decentralized storage framework, which mainly includes four aspects: (1) we proposed a Bi-direction Circular Linked Chain Structure (BCLCS), which improves data's storage capacity and applicability in decentralized storage. (2) A Proof of Resources (PoR) decision model is proposed. By introducing the network environment as an essential evaluation parameter of storage right decision, the energy and time consumption of decision-making are reduced, and the fairness of decision-making is improved. (3) A chain structure dynamic locking mechanism (CSDLM) is designed to realize anti-traverse and access control. (4) A Bi-directional data Access Mechanism (BDAM) is proposed, which improves the efficiency of data access and acquisition in decentralized storage mode. The experimental results show that the framework has significantly improved the shortcomings of the current decentralized storage.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

James Austgen,Andrés Fábrega,Mahimna Kelkar,Dani Vilardell,Sarah Allen,Kushal Babel,Jay Yu,Ari Juels

2024-12-04

Abstract:Inherent in the world of cryptocurrency systems and their security models is the notion that private keys, and thus assets, are controlled by individuals or individual entities. We present Liquefaction, a wallet platform that demonstrates the dangerous fragility of this foundational assumption by systemically breaking it. Liquefaction uses trusted execution environments (TEEs) to encumber private keys, i.e., attach rich, multi-user policies to their use. In this way, it enables the cryptocurrency credentials and assets of a single end-user address to be freely rented, shared, or pooled. It accomplishes these things privately, with no direct on-chain traces. Liquefaction demonstrates the sweeping consequences of TEE-based key encumbrance for the cryptocurrency landscape. Liquefaction can undermine the security and economic models of many applications and resources, such as locked tokens, DAO voting, airdrops, loyalty points, soulbound tokens, and quadratic voting. It can do so with no on-chain and minimal off-chain visibility. Conversely, we also discuss beneficial applications of Liquefaction, such as privacy-preserving, cost-efficient DAOs and a countermeasure to dusting attacks. Importantly, we describe an existing TEE-based tool that applications can use as a countermeasure to Liquefaction. Our work prompts a wholesale rethinking of existing models and enforcement of key and asset ownership in the cryptocurrency ecosystem.

Cryptography and Security

Liang Zhang,Haibin Kan,Yang Xu,Jinhao Ran

DOI: https://doi.org/10.1007/978-3-030-92708-0_4

2021-01-01

Abstract:Data sharing methodology has recently been an active research area due to the development of information technology. As blockchain gets popular, decentralized storage mode becomes a favorable method for data sharing. Moreover, non-repudiation, confidentiality, revocability and fine-grained access are sometimes indispensable in practice. In light of these requirements, we propose a solution by combining decentralized ciphertext-policy attribute-based encryption (CP-ABE) and Software Guard eXtension (SGX) with blockchain. In our framework, the use of blockchain makes shared data publicly accessible and undeniable. To ensure confidentiality and fine-grained access control, we take advantage of decentralized CP-ABE to encrypt data. SGX is utilized as a key management service for the decentralized CP-ABE, making our data sharing methodology revocable without updating ciphertext. Overall, our methodology achieves privacy protection, revocability and decentralized fine-grained access. In addition, we perform experiments on Ethereum, and the results demonstrate that our approach is feasible.

Xuanyu Liu,Xiao Fu,Bin Luo,Xiaojiang Du

DOI: https://doi.org/10.1007/978-3-319-90802-1_16

2018-01-01

Abstract:A considerable number of cloud forensic systems and tools have been proposed in recent years. Trust issue of digital evidence, a significant security topic, is indispensable for cloud forensics systems. In this paper, we propose a different cloud forensic system-Distributed Cloud Forensic System with Decentralization and Multi-participation (DCFS). The DCFS is set in an untrusted and multi-tenancy cloud environment, and it is assumed that cloud users, cloud employees, or forensic investigators can be dishonest. The DCFS, which is different from existing centralized cloud forensic systems, is a distributed and decentralized system that does not rely on any single node or any third party to obtain credible evidence from the cloud. Trust is divided into all participants in the DCFS, and these participants supervise each other. A distributed public ledger is maintained in the DCFS, and this ledger records all the proofs of forensic evidence along with other useful information. This ledger can enhance the credibility and integrity of forensic evidence to some degree and complete the chain of custody in forensic investigation. The forensic evidence, which are provided by the cloud employees, presented to the court of law using the DCFS will be more trustful.

Hong Lei,Zijian Bao,Qinghao Wang,Yongxin Zhang,Wenbo Shi

DOI: https://doi.org/10.1007/978-981-15-9213-3_21

2020-01-01

Abstract:With the continuous growth of data resources, outsourcing data storage to cloud service providers is becoming the norm. Unfortunately, once data are stored on the cloud platform, they will be out of data owners’ control. Thus, it is critical to guarantee the integrity of the remote data. To solve this problem, researchers have proposed many data auditing schemes, which often employ a trusted role named Third Party Auditor (TPA) to verify the integrity. However, the TPA may not be reliable as expected. For example, it may collude with cloud service providers to hide the fact of data corruption for benefits. Blockchain has the characteristics of decentralization, non-tampering, and traceability, which provides a solution to trace the malicious behaviors of the TPA. Moreover, Intel SGX, as the popular trusted computing technology, can be used to protect the correctness of the auditing operations with a slight performance cost, which excellently serves as the of the blockchain-based solution. In this paper, we propose a secure auditing scheme based on the blockchain and Intel SGX technology, termed SDABS. The scheme follows the properties of storage correctness, data-preserving, accountability, and anti-collusion. The experiment results show that our scheme is efficient.

Liang Xue,Dongxiao Liu,Cheng Huang,Xuemin (Sherman) Shen,Weihua Zhuang,Rob Sun,Bidi Ying

DOI: https://doi.org/10.1109/icc45855.2022.9838811

2022-01-01

Abstract:In this paper, we propose a Secure and Flexible Data Sharing (SFDS) scheme for distributed storage, where data owners can outsource their data to a distributed storage network and share the data with authorized users. To preserve confidentiality, all data are encrypted by data owners' secret keys before being outsourced, and fine-grained access policies are enforced on the encrypted data (ciphertexts) to achieve flexible data sharing. Furthermore, based on the ciphertext puncturable encryption and the hierarchical identity-based encryption, we design an efficient key and ciphertext update mechanism, which enables data owners to update their secret keys and the corresponding ciphertexts periodically to deal with side-channel attacks and system vulnerabilities. Update tokens are constructed to directly derive new keys and ciphertexts. Through detailed security analysis, it is demonstrated that SFDS can achieve all three essential security properties, i.e., forward security, post-compromise security, and collusion attack resistance.

Wenbo Wang,Dusit Niyato,Ping Wang,Amir Leshem

DOI: https://doi.org/10.48550/arXiv.1801.07604

2018-01-23

Abstract:Blockchains enables tamper-proof, ordered logging for transactional data in a decentralized manner over open-access, overlay peer-to-peer networks. In this paper, we propose a decentralized framework of proactive caching in a hierarchical wireless network based on blockchains. We employ the blockchain-based smart contracts to construct an autonomous content caching market. In the market, the cache helpers are able to autonomously adapt their caching strategies according to the market statistics obtained from the blockchain, and the truthfulness of trustless nodes are financially enforced by smart contract terms. Further, we propose an incentive-compatible consensus mechanism based on proof-of-stake to financially encourage the cache helpers to stay active in service. We model the interaction between the cache helpers and the content providers as a Chinese restaurant game. Based on the theoretical analysis regarding the Nash equilibrium of the game, we propose a decentralized strategy-searching algorithm using sequential best response. The simulation results demonstrate both the efficiency and reliability of the proposed equilibrium searching algorithm.

Networking and Internet Architecture

Qingyang Zhang,Zhiming Zhang,Jie Cui,Hong Zhong,Yang Li,Chengjie Gu,Debiao He

DOI: https://doi.org/10.1109/tpds.2023.3323155

IF: 5.3

2023-12-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:As the disruptor of cloud storage, decentralized storage could lead to a major shift in how organizations store data in the future. To ensure data availability, users generally encrypt the data and distribute it to multiple storage service providers. It is necessary to study data integrity verification in decentralized storage. Although some recent studies have proposed the using blockchain technology to assist auditing work in decentralized storage networks, the on-chain overhead still increases linearly with an increase in audit requests. Blockchain networks will inevitably be overloaded. In this study, we propose an efficient data integrity auditing scheme for multiple copies in decentralized storage. Particularly, using different polynomial commitment schemes, we first propose a basic scheme for verifying multiple copies of a single file, and then we propose an efficient batch auditing scheme for multiple copies of multiple files. Our scheme can significantly reduce the computation overhead of storage service providers while keeping the on-chain storage overhead constant. Security analysis and performance analysis show that our scheme is efficient and practical.

computer science, theory & methods,engineering, electrical & electronic

Yang Xu,Ziyu Peng,Cheng Zhang,Gaocai Wang,Huiling Wang,Hongbo Jiang,Yaoxue Zhang

DOI: https://doi.org/10.1016/j.sysarc.2024.103132

IF: 5.836

2024-03-30

Journal of Systems Architecture

Abstract:The data in Cyber-Physical Systems (CPS) is currently undergoing an explosive surge. Blockchain-based CPS exhibit enhancements in security, fault tolerance, trust, and other aspects for its data sharing. However, it is very challenging to achieve the privacy preserving and efficient data sharing in CPS considering the privacy concerns introduced by blockchain while the cost associated with privacy protection cannot be neglected. To release these potential challenges, we propose a blockchain-assisted data-sharing scheme that ensures security, privacy-preserving and efficiency. We introduce deniability into data-sharing based on an identity-based deniable authentication protocol. This protocol enables data owners to deny their data-sharing actions, protecting their privacy, and ensuring verifiability for recipients. Furthermore, by incorporating multi-recipient encryption techniques, the proposed protocol significantly simplifies interactions with multiple recipients, reducing associated costs. Additionally, the assistance of blockchain and source traceability mechanism establishes a distributed, transparent and trustworthy framework for data sharing, while ensuring honest cooperation between the individual participants. Security analysis and performance comparisons demonstrate the effectiveness and security of this scheme.

computer science, software engineering, hardware & architecture