November 2020 list
If you feel a paper should belong to another category, or that we missed a relevant paper just let us know. Participation is most welcome!
- Attacks and defenses
- Blockchain-noncrypto uses
- Internet of Things (IoT)
- Proof of Work (PoW) alternatives
- Smart contracts
Attacks and defenses
General Purpose Atomic Crosschain Transactions
Authors: Peter Robinson, Raghavendra Ramesh
Abstract: The General Purpose Atomic Crosschain Transaction protocol allows composable programming across multiple Ethereum blockchains. It allows for inter-contract and inter-blockchain function calls that are both synchronous and atomic: if one part fails, the whole call graph of function calls is rolled back. The protocol operates on existing Ethereum blockchains without modification. It works for both public permissioned and consortium blockchains. Additionally, the protocol is expected to work across heterogeneous blockchains other than Ethereum. The protocol has been analysed in terms of Gas usage and Finalised Block Periods for three scenarios: reading a value from one blockchain to another, writing a value from one blockchain to another, and a trade finance system involving five contracts on five blockchains with a complex call graph. The initial security analysis of the protocol shows that the protocol has Safety and Liveness properties. The high gas costs and the latency of the current implementation provide a base line upon which implementation improvements of this protocol and future protocols can be measured.
Secure Regenerating Codes for Reducing Storage and Bootstrap Costs in Sharded Blockchains
Authors: Swetha Divija Gadiraju, V. Lalitha, Vaneet Aggarwal
Abstract: Blockchain is a distributed ledger with wide applications. Due to the increasing storage requirement for blockchains, the computation can be afforded by only a few miners. Sharding has been proposed to scale blockchains so that storage and transaction efficiency of the blockchain improves at the cost of security guarantee. This paper aims to consider a new protocol, Secure-Repair-Blockchain (SRB), which aims to decrease the storage cost at the miners. In addition, SRB also decreases the bootstrapping cost, which allows for new miners to easily join a sharded blockchain. In order to reduce storage, coding-theoretic techniques are used in SRB. In order to decrease the amount of data that is transferred to the new node joining a shard, the concept of exact repair secure regenerating codes is used. The proposed blockchain protocol achieves lower storage than those that do not use coding, and achieves lower bootstrapping cost as compared to the different baselines.
BlockSim-Net: A Network Based Blockchain Simulator
Authors: Nandini Agrawal, Prashanthi R, Osman Biçer, Alptekin Küpçü
Abstract: Since its proposal by Eyal and Sirer (CACM ’13), selfish mining attack on proof-of-work blockchains has been studied extensively in terms of both improving its impact and defending against it. Before any defense is deployed in a real world blockchain system, it needs to be tested for security and dependability. However, real blockchain systems are too complex to conduct any test on or benchmark the developed protocols. Some simulation environments have been proposed recently, such as BlockSim (Maher et al., ’20). However, BlockSim is developed for the simulation of an entire network on a single CPU. Therefore, it is insufficient to capture the essence of a real blockchain network, as it is not distributed and the complications such as propagation delays that occur in reality cannot be simulated realistically enough. In this work, we propose BlockSim-Net, a simple, efficient, high performance, network-based blockchain simulator, to better reflect reality.
Threats and Opportunities: Blockchain Meets Quantum Computation
Authors: Wei Cui, Tong Dou, Shilu Yan
Abstract: This article considered deficiencies of the flourishing blockchain technology manifested by the development of quantum computation. We show that the future blockchain technology would under constant threats from the following aspects: 1) Speed up the generation of nonces; 2) Faster searching for hash collisions; 3) Break the security of the classical encryption. We also demonstrate that incorporating some quantum properties into blockchain makes it more robust and more efficient. For example people can establish a quantum-security blockchain system that utilizes quantum key distribution (QKD), and quantum synchronization and detectable Byzantine agreement (DBA) can help the blockchain systems achieve faster consensus even if there exist a number of malicious nodes.
Tracking Counterfeit Cryptocurrency End-to-end
Authors: Bingyu Gao, Haoyu Wang, Pengcheng Xia, Siwei Wu, Yajin Zhou, Xiapu Luo, Graeth Tyson
Abstract: The production of counterfeit money has a long history. It refers to the creation of imitation currency that is produced without the legal sanction of government. With the growth of the cryptocurrency ecosystem, there is expanding evidence that counterfeit cryptocurrency has also appeared. In this paper, we empirically explore the presence of counterfeit cryptocurrencies on Ethereum and measure their impact. By analyzing over 190K ERC-20 tokens (or cryptocurrencies) on Ethereum, we have identified 2, 117 counterfeit tokens that target 94 of the 100 most popular cryptocurrencies. We perform an end-to-end characterization of the counterfeit token ecosystem, including their popularity, creators and holders, fraudulent behaviors and advertising channels. Through this, we have identified two types of scams related to counterfeit tokens and devised techniques to identify such scams. We observe that over 7,104 victims were deceived in these scams, and the overall financial loss sums to a minimum of $ 17 million (74,271.7 ETH). Our findings demonstrate the urgency to identify counterfeit cryptocurrencies and mitigate this threat.
Low Latency Cross-Shard Transactions in Coded Blockchain
Authors: Canran Wang, Netanel Raviv
Abstract: Although blockchain, the supporting technology of Bitcoin and various cryptocurrencies, has offered a potentially effective framework for numerous applications, it still suffers from the adverse affects of the impossibility triangle. Performance, security, and decentralization of blockchains normally do not scale simultaneously with the number of participants in the network. The recent introduction of error correcting codes in sharded blockchain by Li et al. partially settles this trilemma, boosting throughput without compromising security and decentralization. In this paper, we improve the coded sharding scheme in three ways. First, we propose a novel 2-Dimensional Sharding strategy, which inherently supports cross-shard transactions, alleviating the need for complicated inter-shard communication protocols. Second, we employ distributed storage techniques in the propagation of blocks, improving latency under restricted bandwidth. Finally, we incorporate polynomial cryptographic primitives of low degree, which brings coded blockchain techniques into the realm of feasible real-world parameters.
BONIK: A Blockchain Empowered Chatbot for Financial Transactions
Authors: Islam Saiful Md. Bhuiyan, Abdur Razzak, Sadek Md Ferdous, M. Jabed Mohammad Chowdhury, A. Mohammad Hoque, Sasu Tarkoma
Abstract: A Chatbot is a popular platform to enable users to interact with a software or website to gather information or execute actions in an automated fashion. In recent years, chatbots are being used for executing financial transactions, however, there are a number of security issues, such as secure authentication, data integrity, system availability and transparency, that must be carefully handled for their wide-scale adoption. Recently, the blockchain technology, with a number of security advantages, has emerged as one of the foundational technologies with the potential to disrupt a number of application domains, particularly in the financial sector. In this paper, we forward the idea of integrating a chatbot with blockchain technology in the view to improve the security issues in financial chatbots. More specifically, we present BONIK, a blockchain empowered chatbot for financial transactions, and discuss its architecture and design choices. Furthermore, we explore the developed Proof-of-Concept (PoC), evaluate its performance, analyse how different security and privacy issues are mitigated using BONIK
A Privacy-Preserving Healthcare Framework Using Hyperledger Fabric
Authors: Charalampos Stamatellis, Pavlos Papadopoulos, Nikolaos Pitropakis, Sokratis Katsikas, J William Buchanan
Abstract: Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a decentralized, anonymous and secure EHR handling approach. This paper presents PREHEALTH, a privacy-preserving EHR management solution that uses distributed ledger technology and an Identity Mixer (Idemix). The paper describes a proof-of-concept implementation that uses the Hyperledger Fabric’s permissioned blockchain framework. The proposed solution is able to store patient records effectively whilst providing anonymity and unlinkability. Experimental performance evaluation results demonstrate the scheme’s efficiency and feasibility for real-world scale deployment.
Deep Reinforcement Learning and Permissioned Blockchain for Content Caching in Vehicular Edge Computing and Networks
Authors: Yueyue Dai, Du Xu, Ke Zhang, Sabita Maharjan, Yan Zhang
Abstract: Vehicular Edge Computing (VEC) is a promising paradigm to enable huge amount of data and multimedia content to be cached in proximity to vehicles. However, high mobility of vehicles and dynamic wireless channel condition make it challenge to design an optimal content caching policy. Further, with much sensitive personal information, vehicles may be not willing to caching their contents to an untrusted caching provider. Deep Reinforcement Learning (DRL) is an emerging technique to solve the problem with high-dimensional and time-varying features. Permission blockchain is able to establish a secure and decentralized peer-to-peer transaction environment. In this paper, we integrate DRL and permissioned blockchain into vehicular networks for intelligent and secure content caching. We first propose a blockchain empowered distributed content caching framework where vehicles perform content caching and base stations maintain the permissioned blockchain. Then, we exploit the advanced DRL approach to design an optimal content caching scheme with taking mobility into account. Finally, we propose a new block verifier selection method, Proof-of-Utility (PoU), to accelerate block verification process. Security analysis shows that our proposed blockchain empowered content caching can achieve security and privacy protection. Numerical results based on a real dataset from Uber indicate that the DRL-inspired content caching scheme significantly outperforms two benchmark policies.
MobChain: Three-Way Collusion Resistance in Witness-Oriented Location Proof Systems Using Distributed Consensus
Authors: Faheem Zafar, Abid Khan, Rehman Ur Saif Malik, Adeel Anjum, Mansoor Ahmed
Abstract: Smart devices have accentuated the importance of geolocation information. Geolocation identification using smart devices has paved the path for incentive-based location-based services (LBS). A location proof is a digital certificate of the geographical location of a user, which can be used to access various LBS. However, a user full control over a device allows the tampering of location proof. Initially, to resist false proofs, two-party trusted centralized location proof systems (LPS) were introduced to aid the users in generating secure location proofs mutually. However, two-party protocols suffered from the collusion attacks by the participants of the protocol. Consequently, many witness-oriented LPS have emerged to mitigate collusion attacks in two-party protocols. However, witness-oriented LPS presented the possibility of three-way collusion attacks (involving the user, location authority, and the witness). The three-way collusion attacks are inevitable in all existing witness-oriented schemes. To mitigate the inability to resist three-way collusion of existing schemes, in this paper, we introduce a decentralized consensus protocol called as MobChain, where the selection of a witness and location authority is achieved through a distributed consensus of nodes in an underlying P2P network of a private blockchain. The persistent provenance data over the blockchain provides strong security guarantees, as a result, the forging and manipulation become impractical. MobChain provides secure location provenance architecture, relying on decentralized decision making for the selection of participants of the protocol to resist three-way collusion problem. Our prototype implementation and comparison with the state-of-the-art solutions show that MobChain is computationally efficient, highly available while improving the security of LPS.
Proof of Authenticity of Logistics Information with Passive RFID Tags and Blockchain
Authors: Hiroshi Watanabe, Kenji Saito, Satoshi Miyazaki, Toshiharu Okada, Hiroyuki Fukuyama, Tsuneo Kato, Katsuo Taniguchi
Abstract: In tracing the (robotically automated) logistics of large quantities of goods, inexpensive passive RFID tags are preferred for cost reasons. Accordingly, security between such tags and readers have primarily been studied among many issues of RFID. However, the authenticity of data cannot be guaranteed if logistics services can give false information. Although the use of blockchain is often discussed, it is simply a recording system, so there is a risk that false records may be written to it. As a solution, we propose a design in which a digitally signing, location-constrained and tamper-evident reader atomically writes an evidence to blockchain along with its reading and writing a tag. By semi-formal modeling, we confirmed that the confidentiality and integrity of the information can be maintained throughout the system, and digitally signed data can be verified later despite possible compromise of private keys or signature algorithms, or expiration of public key certificates. We also introduce a prototype design to show that our proposal is viable. This makes it possible to trace authentic logistics information using inexpensive passive RFID tags. Furthermore, by abstracting the reader/writer as a sensor/actuator, this model can be extended to IoT in general.
Blockchain-Enabled EHR Framework for Internet of Medical Things
Authors: Lewis Nkenyereye, Riazul M. S. Islam, Mahmud Hossain, M. Abdullah-Al-Wadud, Atif Alamri
Abstract: The Internet of Medical Things (IoMT) offers an infrastructure made of smart medical equipment and software applications for health services. Through the internet, the IoMT is capable of providing remote medical diagnosis and timely health services. The patients can use their smart devices to create, store and share their electronic health records (EHR) with a variety of medical personnel including medical doctors and nurses. However, unless the underlying combination within IoMT is secured, malicious users can intercept, modify and even delete the sensitive EHR data of patients. Patients also lose full control of their EHR since most health services within IoMT are constructed under a centralized platform outsourced in the cloud. Therefore, it is appealing to design a decentralized, auditable and secure EHR system that guarantees absolute access control for the patients while ensuring privacy and security. Using the features of blockchain including decentralization, auditability and immutability, we propose a secure EHR framework which is mainly maintained by the medical centers. In this framework, the patients’ EHR data are encrypted and stored in the servers of medical institutions while the corresponding hash values are kept on the blockchain. We make use of security primitives to offer authentication, integrity and confidentiality of EHR data while access control and immutability is guaranteed by the blockchain technology. The security analysis and performance evaluation of the proposed framework confirms its efficiency.
An Incentive Based Approach for COVID-19 using Blockchain Technology
Authors: Manoj MK, Gautam Srivastava, Krishnan Rama Siva Somayaji, Reddy Thippa Gadekallu, Reddy Kumar Praveen Maddikunta, Sweta Bhattacharya
Abstract: The current situation of COVID-19 demands novel solutions to boost healthcare services and economic growth. A full-fledged solution that can help the government and people retain their normal lifestyle and improve the economy is crucial. By bringing into the picture a unique incentive-based approach, the strain of government and the people can be greatly reduced. By providing incentives for actions such as voluntary testing, isolation, etc., the government can better plan strategies for fighting the situation while people in need can benefit from the incentive offered. This idea of combining strength to battle against the virus can bring out newer possibilities that can give an upper hand in this war. As the unpredictable future develops, sharing and maintaining COVID related data of every user could be the needed trigger to kick start the economy and blockchain paves the way for this solution with decentralization and immutability of data.
Internet of Things (IoT)
Integration of Blockchain and IoT: An Enhanced Security Perspective
Authors: H. Mahdi Miraz, Maaruf Ali
Abstract: Blockchain (BC), a by-product of Bitcoin cryptocurrency, has gained immense and wide scale popularity for its applicability in various diverse domains – especially in multifaceted non-monetary systems. By adopting cryptographic techniques such as hashing and asymmetric encryption – along with distributed consensus approach, a Blockchain based distributed ledger not only becomes highly secure but also immutable and thus eliminates the need for any third-party intermediators. On the contrary, innumerable IoT (Internet of Things) devices are increasingly being added to the network. This phenomenon poses higher risk in terms of security and privacy. It is thus extremely important to address the security aspects of the growing IoT ecosystem. This paper explores the applicability of BC for ensuring enhanced security and privacy in the IoT ecosystem. Recent research articles and projects or applications were surveyed to assess the implementation of BC for IoT Security and identify associated challenges and propose solutions for BC enabled enhanced security for the IoT ecosystem.
Tokoin: A Coin-Based Accountable Access Control Scheme for Internet of Things
Authors: Chunchi Liu, Minghui Xu, Hechuan Guo, Xiuzhen Cheng, Yinhao Xiao, Dongxiao Yu, Bei Gong, Arkady Yerukhimovich, Shengling Wang, Weifeng Lv
Abstract: With the prevalence of Internet of Things (IoT) applications, IoT devices interact closely with our surrounding environments, bringing us unparalleled smartness and convenience. However, the development of secure IoT solutions is getting a long way lagged behind, making us exposed to common unauthorized accesses that may bring malicious attacks and unprecedented danger to our daily life. Overprivilege attack, a widely reported phenomenon in IoT that accesses unauthorized or excessive resources, is notoriously hard to prevent, trace and mitigate. To tackle this challenge, we propose Tokoin-Based Access Control (TBAC), an accountable access control model enabled by blockchain and Trusted Execution Environment (TEE) technologies, to offer fine-graininess, strong auditability, and access procedure control for IoT. TBAC materializes the virtual access power into a definite-amount and secure cryptographic coin termed “tokoin” (token+coin), and manages it using atomic and accountable state-transition functions in a blockchain. We also realize access procedure control by mandating every tokoin a fine-grained access policy defining who is allowed to do what at when in where by how. The tokoin is peer-to-peer transferable, and can be modified only by the resource owner when necessary. We fully implement TBAC with well-studied cryptographic primitives and blockchain platforms and present a readily available APP for regular users. We also present a case study to demonstrate how TBAC is employed to enable autonomous in-home cargo delivery while guaranteeing the access policy compliance and home owner’s physical security by regulating the physical behaviors of the deliveryman.
Blockchain based Attack Detection on Machine Learning Algorithms for IoT based E-Health Applications
Authors: Reddy Thippa Gadekallu, M Manoj K, Krishnan Sivarama S, Neeraj Kumar, Saqib Hakak, Sweta Bhattacharya
Abstract: The application of machine learning (ML) algorithms are massively scaling-up due to rapid digitization and emergence of new tecnologies like Internet of Things (IoT). In today’s digital era, we can find ML algorithms being applied in the areas of healthcare, IoT, engineering, finance and so on. However, all these algorithms need to be trained in order to predict/solve a particular problem. There is high possibility of tampering the training datasets and produce biased results. Hence, in this article, we have proposed blockchain based solution to secure the datasets generated from IoT devices for E-Health applications. The proposed blockchain based solution uses using private cloud to tackle the aforementioned issue. For evaluation, we have developed a system that can be used by dataset owners to secure their data.
A Framework for Prediction and Storage of Battery Life in IoT Devices using DNN and Blockchain
Authors: Krishnan Rama Siva Somayaji, Mamoun Alazab, Manoj MK, Antonio Bucchiarone, Lal Chiranji Chowdhary, Reddy Thippa Gadekallu
Abstract: As digitization increases, the need to automate various entities becomes crucial for development. The data generated by the IoT devices need to be processed accurately and in a secure manner. The basis for the success of such a scenario requires blockchain as a means of unalterable data storage to improve the overall security and trust in the system. By providing trust in an automated system, with real-time data updates to all stakeholders, an improved form of implementation takes the stage and can help reduce the stress of adaptability to complete automated systems. This research focuses on a use case with respect to the real time Internet of Things (IoT) network which is deployed at the beach of Chicago Park District. This real time data which is collected from various sensors is then used to design a predictive model using Deep Neural Networks for estimating the battery life of IoT sensors that is deployed at the beach. This proposed model could help the government to plan for placing orders of replaceable batteries before time so that there can be an uninterrupted service. Since this data is sensitive and requires to be secured, the predicted battery life value is stored in blockchain which would be a tamper-proof record of the data.
Proof of Work (PoW) alternatives
On the Serverless Nature of Blockchains and Smart Contracts
Authors: Vladimir Yussupov, Ghareeb Falazi, Uwe Breitenbücher, Frank Leymann
Abstract: Although historically the term serverless was also used in the context of peer-to-peer systems, it is more frequently associated with the architectural style for developing cloud-native applications. From the developer’s perspective, serverless architectures allow reducing management efforts since applications are composed using provider-managed components, e.g., Database-as-a-Service (DBaaS) and Function-as-a-Service (FaaS) offerings. Blockchains are distributed systems designed to enable collaborative scenarios involving multiple untrusted parties. It seems that the decentralized peer-to-peer nature of blockchains makes it interesting to consider them in serverless architectures, since resource allocation and management tasks are not required to be performed by users. Moreover, considering their useful properties of ensuring transaction’s immutability and facilitating accountable interactions, blockchains might enhance the overall guarantees and capabilities of serverless architectures. Therefore, in this work, we analyze how the blockchain technology and smart contracts fit into the serverless picture and derive a set of scenarios in which they act as different component types in serverless architectures. Furthermore, we formulate the implementation requirements that have to be fulfilled to successfully use blockchains and smart contracts in these scenarios. Finally, we investigate which existing technologies enable these scenarios, and analyze their readiness and suitability to fulfill the formulated requirements.