BLOCKCHAIN SCALABILITY AND SECURITY

Duong, Tuyet

01 January 2018

Cryptocurrencies like Bitcoin have proven to be a phenomenal success. The underlying techniques hold huge promise to change the future of financial transactions, and eventually the way people and companies compute, collaborate, and interact. At the same time, the current Bitcoin-like proof-of-work based blockchain systems are facing many challenges. In more detail, a huge amount of energy/electricity is needed for maintaining the Bitcoin blockchain. In addition, their security holds if the majority of the computing power is under the control of honest players. However, this assumption has been seriously challenged recently and Bitcoin-like systems will fail when this assumption is broken. This research proposes novel blockchain designs to address the challenges. We first propose a novel blockchain protocol, called 2-hop blockchain, by combining proof-of-work and proof-of-stake mechanisms. That said, even if the adversary controls more than 50% computing power, the honest players still have the chance to defend the blockchain via honest stake. Then we revise and implement the design to obtain a practical cryptocurrency system called Twinscoin. In more detail, we introduce a new strategy for difficulty adjustment in the hybrid blockchain and provide an analysis of it. We also show how to construct a light client for proof-of-stake cryptocurrencies and evaluate the proposal practically. We implement our new design. Our implementation uses a recent modular development framework for blockchains, called Scorex. It allows us to change only certain parts of an application leaving other codebase intact.

Blockchain

Cryptography

Consensus

Other Computer Engineering

Random bit interleaving for trunk link encryption

Einicke, Garry A. (Garry Allan)

January 1990

Bibliography: leaves 112-115

Multiplexing

Cryptography

Aspects de mise en oeuvre de la cryptographie basée sur les codes

Biswas, Bhaskar

04 October 2010

Nous présentons les détails d'implémentation du schema de chiffrement hybride McEliece (HyMES), développé avec Nicolas Sendrier, une version améliorée du cryptosystème de McEliece. Nous présentons une version modifiée du système d'origine (que nous appelons hybride). Il y a deux modifications, la première est augmente le taux d'information, la seconde réduit la taille de clé publique en faisant usage d'une matrice génératrice sous forme systématique. Nous allons montrer que la réduction de sécurité est la même que pour le système original. Nous décrivons ensuite les algorithmes de génération de clés, de chiffrement et de déchiffrement ainsi que leur mise en œuvre. Enfin nous donnerons quelques temps de calcul pour différents paramètres, nous les comparerons avec les attaques les plus connues, et nous discuterons du meilleur compromis. L'idée du schéma de McEliece est de masquer la structure du code au moyen d'une transformation de la matrice génératrice. La matrice génératrice transformée devient la clé publique alors que la clé secrete est la structure du code de Goppa ainsi que les paramètres de transformation. La sécurité repose sur le fait que le problème de décodage d'un code linéaire est NP-complet. Le cryptosystème de McEliece n'a pas eu autant de succès que le RSA, en grande partie à cause de la taille de la clé publique mais ce problème devient moins rédhibitoire avec les progrès du hardware. Notre objectif a été de mettre en œuvre un logiciel assez rapide qui pourra servir de référence. Nous présenterons également les détails algorithmiques de notre travail. L'ensemble du projet est disponible gratuitement à : http://www-roc.inria.fr / secret / CBCrypto / index.php? pg = Hymes

codes McEliece

Implementation aspects of elliptic curve cryptography

Sava��, Erkay

20 June 2000

As the information-processing and telecommunications revolutions now underway will continue to change our life styles in the rest of the 21st century, our personal and economic lives rely more and more on our ability to transact over the electronic medium in a secure way. The privacy, authenticity, and integrity of the information transmitted or stored on networked computers must be maintained at every point of the transaction. Fortunately, cryptography provides algotrithms and techniques for keeping information secret, for determining that the contents of a transaction have not been tampered with, for determining who has really authorized the transaction, and for binding the involved parties with the contents of the transaction. Since we need security on every piece of digital equipment that helps conduct transactions over the internet in the near future, space and time performances of cryptographic algorithms will always remain to be among the most critical aspects of implementing cryptographic functions. A major class of cryptographic algorithms comprises public-key schemes which enable to realize the message integrity and authenticity check, key distribution, digital signature functions etc. An important category of public-key algorithms is that of elliptic curve cryptosystems (ECC). One of the major advantages of elliptic curve cryptosystems is that they utilize much shorter key lengths in comparison to other well known algorithms such as RSA cryptosystems. However, as do the other public-key cryptosystems ECC also requires computationally intensive operations. Although the speed remains to be always the primary concern, other design constraints such as memory might be of significant importance for certain constrained platforms. In this thesis, we are interested in developing space- and time-efficient hardware and software implementations of the elliptic curve cryptosystems. The main focus of this work is to improve and devise algorithms and hardware architectures for arithmetic operations of finite fields used in elliptic curve cryptosystems. / Graduation date: 2001

Curves, Elliptic

Fast bit-level, word-level and parallel arithmetic in finite fields for elliptic curve cryptosystems

Halbuto��ullar��, Alper

02 November 1998

Computer and network security has recently become a popular subject due to the explosive growth of the Internet and the migration of commerce practices to the electronic medium. Thus the authenticity and privacy of the information transmitted and the data stored on networked computers is of utmost importance. The deployment of network security procedures requires the implementation of cryptographic functions. More specifically, these include encryption, decryption, authentication, digital signature algorithms and message-digest functions. Performance has always been the most critical characteristic of a cryptographic function, which determines its effectiveness. In this thesis, we concentrate on developing high-speed algorithms and architectures for number theoretic cryptosystems. Our work is mainly focused on implementing elliptic curve cryptosystems efficiently, which requires space- and time-efficient implementations of arithmetic operations over finite fields. We introduce new methods for arithmetic operations over finite fields. Methodologies such as precomputation, residue number system representation, and parallel computation are adopted to obtain efficient algorithms that are applicable on a variety of cryptographic systems and subsystems. Since arithmetic operations in finite fields also have applications in coding theory and computer algebra, the methods proposed in this thesis are applicable to these applications as well. / Graduation date: 1999

Data encryption (Computer science)

Cryptography

Computer arithmetic

Fast software implementations of block ciphers

Sessions, Julian Brently

23 November 1998

Three block ciphers are considered to determine how well they can be implemented on existing superscalar architectures such as the Intel Pentium. An examination of the Pentium architecture suggests that substantial performance increases can be achieved if particular rules are followed. Software libraries are written in high-level C language and low-level assembly language to produce a package of routines which achieve a near optimal performance level on a current processor architecture. The structure of each algorithm is studied to determine if it is possible to alternatively implement the algorithm such that certain steps are reordered or reduced. Using the Intel MMX architectural advances, it is observed that one algorithm benefits dramatically from a new implementation that takes advantage of MMX strengths. / Graduation date: 1999

Data encryption (Computer science)

Cryptography

Computer security

High-speed algorithms & architectures for number-theoretic cryptosystems

Acar, Tolga

04 December 1997

Computer and network security systems rely on the privacy and authenticity of information, which requires implementation of cryptographic functions. Software implementations of these functions are often desired because of their flexibility and cost effectiveness. In this study, we concentrate on developing high-speed and area-efficient modular multiplication and exponentiation algorithms for number-theoretic cryptosystems. The RSA algorithm, the Diffie-Hellman key exchange scheme and Digital Signature Standard require the computation of modular exponentiation, which is broken into a series of modular multiplications. One of the most interesting advances in modular exponentiation has been the introduction of Montgomery multiplication. We are interested in two aspects of modular multiplication algorithms: development of fast and convenient methods on a given hardware platform, and hardware requirements to achieve high-performance algorithms. Arithmetic operations in the Galois field GF(2[superscript]k) have several applications in coding theory, computer algebra, and cryptography. We are especially interested in cryptographic applications where k is large, such as elliptic curve cryptosystems. / Graduation date: 1998

Cryptography

Data encryption (Computer science)

Computer algorithms

Security enhancement on the cryptosystem based on chaotic and elliptic curve cryptography /

Man, Kwan Pok.

January 2006

Thesis (M.Phil.)--City University of Hong Kong, 2006. / "Submitted to Department of Electronic Engineering in partial fulfillment of the requirements for the degree of Master of Philosophy" Includes bibliographical references (leaves 93-97)

Outsourced Private Information Retrieval with Pricing and Access Control

Huang, Yizhou

15 May 2013

We propose a scheme for outsourcing Private Information Retrieval (PIR) to untrusted servers while protecting the privacy of the database owner as well as that of the database clients. We observe that by layering PIR on top of an Oblivious RAM (ORAM) data layout, we provide the ability for the database owner to perform private writes, while database clients can perform private reads from the database even while the owner is offline. We can also enforce pricing and access control on a per-record basis for these reads. This extends the usual ORAM model by allowing multiple database readers without requiring trusted hardware; indeed, almost all of the computation in our scheme during reads is performed by untrusted cloud servers. Built on top of a simple ORAM protocol, we implement a real system as a proof of concept. Our system privately updates a 1 MB record in a 16 GB database with an average end-to-end overhead of 1.22 seconds and answers a PIR query within 3.5 seconds over a 2 GB database. We make an observation that the database owner can always conduct a private read as an ordinary database client, and the private write protocol does not have to provide a "read" functionality as a standard ORAM protocol does. Based on this observation, we propose a second construction with the same privacy guarantee, but much faster. We also implement a real system for this construction, which privately writes a 1 MB record in a 1 TB database with an amortized end-to-end response time of 313 ms. Our first construction demonstrates the fact that a standard ORAM protocol can be used for outsourcing PIR computations in a privacy-friendly manner, while our second construction shows that an ad-hoc modification of the standard ORAM protocol is possible for our purpose and allows more efficient record updates.

Privacy Enhancing Technology

Applied Cryptography

Computer Science

Cryptographic Credentials with Privacy-preserving Biometric Bindings

Bissessar, David

22 January 2013

Cryptographic credentials allow user authorizations to be granted and verified. and have such applications as e-Passports, e-Commerce, and electronic cash. This thesis proposes a privacy protecting approach of binding biometrically derived keys to cryptographic credentials to prevent unauthorized lending. Our approach builds on the 2011 work of Adams, offering additional benefits of privacy protection of biometric information, generality on biometric modalities, and performance. Our protocol integrates into Brands’ Digital Credential scheme, and the Anonymous Credentials scheme of Camenisch and Lysyanskaya. We describe a detailed integration with the Digital Credential Scheme and sketch the integration into the Anonymous Credentials scheme. Security proofs for non-transferability, correctness of ownership, and unlinkability are provided for the protocol’s instantiation into Digital Credentials. Our approach uses specialized biometric devices in both the issue and show protocols. These devices are configured with our proposed primitive, the fuzzy ex-tractor indistinguishability adaptor which uses a traditional fuzzy extractor to create and regenerate cryptographic keys from biometric data and IND-CCA2 secure en-cryption protect the generated public data against multiplicity attacks. Pedersen commitments are used to hold the key at issue and show time, and A zero-knowledge proof of knowledge is used to ensure correspondence of key created at issue-time and regenerated at show-time. The above is done in a manner which preserves biometric privacy, as and delivers non-transferability of digital credentials. The biometric itself is not stored or divulged to any of the parties involved in the protocol. Privacy protection in multiple enrollments scenarios is achieved by the fuzzy extractor indistinguishability adapter. The zero knowledge proof of knowledge is used in the showing protocol to prove knowledge of values without divulging them.

Cryptography

Privacy Enhancing Techniques

Biometrics

Fuzzy Extractors