Biblio

User's digital identity information has privacy and security requirements. Privacy requirements include confidentiality of the identity information itself, anonymity of those who verify and consume a user's identity information and unlinkability of online transactions which involve a user's identity. Security requirements include correctness, ownership assurance and prevention of counterfeits of a user's identity information. Such privacy and security requirements, although conflicting, are critical for identity management systems enabling the exchange of users' identity information between different parties during the execution of online transactions. Addressing all such requirements, without a centralized party managing the identity exchange transactions, raises several challenges. This paper presents a decentralized protocol for privacy preserving exchange of users' identity information addressing such challenges. The proposed protocol leverages advances in blockchain and zero knowledge proof technologies, as the main building blocks. We provide prototype implementations of the main building blocks of the protocol and assess its performance and security.

Nowadays, with the diversification and decentralization of energy systems, the energy Internet makes it possible to interconnect distributed energy sources and consumers. In the energy trading market, the traditional centralized model relies entirely on trusted third parties. However, as the number of entities involved in the transactions grows and the forms of transactions diversify, the centralized model gradually exposes problems such as insufficient scalability, High energy consumption, and low processing efficiency. To address these challenges, we propose a secure and efficient energy renewable trading scheme based on blockchain. In our scheme, the electricity market trading model is divided into two levels, which can not only protect the privacy, but also achieve a green computing. In addition, in order to adapt to the relatively weak computing power of the underlying equipment in smart grid, we design a credibility-based equity proof mechanism to greatly improve the system availability. Compared with other similar distributed energy trading schemes, we prove the advantages of our scheme in terms of high operational efficiency and low computational overhead through experimental evaluations. Additionally, we conduct a detailed security analysis to demonstrate that our solution meets the security requirements.

Performing a fair exchange without a Trusted Third Party (TTP) was considered to be impossible. With multi party computation and practices like Proof-of-Work (PoW), blockchain accomplishes a fair exchange in a trustless network. Data confidentiality is a key challenge that has to be resolved before adopting blockchain for enterprise applications where tokenized assets will be transferred. Protocols like Zcash are already providing the same for financial transactions but lacks flexibility required to apply in most of the potential use cases of blockchain. Most of the real world application work in a way where a transaction is carried out when a particular action is performed. Also, the zero knowledge proof method used in Zcash, ZKSNARK has certain weaknesses restricting its adoption. One of the major drawbacks of ZKSNARK is that it requires an initial trust setup phase which is difficult to achieve in blockchain ecosystem. ZKSTARK, an interactive zero knowledge proof does not require this phase and also provides security against post quantum attacks. We propose a system that uses two indistinguishable hash functions along with ZKSTARK to improve the flexibility of blockchain platforms. The two indistinguishable hash functions are chosen from SHA3-finalists based on their security, performance and inner designs.

A trademark may be a word, phrase, symbol, sound, color, scent or design, or combination of these, that identifies and distinguishes the products or services of a particular source from those of others. Obtaining a trademark is a complex, time intensive and costly process that involves varied steps before the trademark can be registered including searching prior trademarks, filing of the trademark application, review of the trademark application and final publication for opposition by the public. Currently, the process of trademark registration, renewal and validation faces numerous challenges such as the requirement for registration in different jurisdictions, maintenance of centralized databases in different jurisdictions, proving the authenticity of the physical trademark documents, identifying the violation and abuse of the intellectual property etc. to name a few. Recently, blockchain technology has shown great potential in a variety of industries such as finance, education, energy and resource management, healthcare, due to its decentralization and non-tampering features. Furthermore, in the recent years, smart contracts have attracted increased attention due to the popularity of blockchains. In this study, we have utilized Hyperledger fabric as the permissioned blockchain framework along with smart contracts to provide solution to the financial, procedural, enforcement and protection related challenges of the current trademark system. Our blockchain based application seeks to provide a secure, decentralized, immutable trademark system that can be utilized by the intellectual property organizations across different jurisdictions for easily and effectively registering, renewing, validating and distributing digital trademark certificates.

With the vast increase in data transmission due to a large number of information collected by devices, data management, and security has been a challenge for organizations. Many data owners (DOs) outsource their data to cloud repositories due to several economic advantages cloud service providers present. However, DOs, after their data are outsourced, do not have complete control of the data, and therefore, external systems are incorporated to manage the data. Several kinds of research refer to the use of encryption techniques to prevent unauthorized access to data but prove to be deficient in providing suitable solutions to the problem. In this article, we propose a secure fine-grain access control system for outsourced data, which supports read and write operations to the data. We make use of an attribute-based encryption (ABE) scheme, which is regarded as a suitable scheme to achieve access control for security and privacy (confidentiality) of outsourced data. This article considers different categories of data users, and make provisions for distinct access roles and permissible actions on the outsourced data with dynamic and efficient policy updates to the corresponding ciphertext in cloud repositories. We adopt blockchain technologies to enhance traceability and visibility to enable control over outsourced data by a DO. The security analysis presented demonstrates that the security properties of the system are not compromised. Results based on extensive experiments illustrate the efficiency and scalability of our system.

A cooperative network defense is one approach to fend off large-scale Distributed Denial-of-Service (DDoS) attacks. In this regard, the Blockchain Signaling System (BloSS) is a multi-domain, blockchain-based, cooperative DDoS defense system, where each Autonomous System (AS) is taking part in the defense alliance. Each AS can exchange attack information about ongoing attacks via the Ethereum blockchain. However, the currently operational implementation of BloSS is not interactive or visualized, but the DDoS mitigation is automated. In realworld defense systems, a human cybersecurity analyst decides whether a DDoS threat should be mitigated or not. Thus, this work presents the design of a security management dashboard for BloSS, designed for interactive use by cyber security analysts.

To solve the problem of big data security and privacy protection, and expound the concept of cloud computing, big data and the relationship between them, the existing security and privacy protection method characteristic and problems were studied. A reference model is proposed which is based on cloud platform. In this model the physical level, data layer, interface layer and application layer step by step in to implement the system security risk early warning and threat perception, this provides an effective solution for the research of big data security. At the same time, a future research direction that uses the blockchain to solve cloud security and privacy protection is also pointed out.

Today, the privacy and the security of any organization are the key requirement, the digital online transaction of money or coins also needed a certain level of security not only during the broadcasting of the transaction but before the sending of the transaction. In this research paper we proposed and implemented a cryptocurrency (Bitcoin) wallet for the android operating system, by using the QR code-based android application and a secure private key storage (Cold Wallet). Two android applications have been implemented one of them is called cold wallet and the other one is hot wallet. Cold wallet (offline) is to store and generate the private key addresses for secure transaction confirmation and the hot wallet is used to send bitcoin to the network. Hot wallet application gives facility to the user view history of performed transactions, to send and compose a new bitcoin transaction, receive bitcoin, sign it and send it to the network. By using the process of cross QR code scanning of the hot and cold wallet to the identification, validation and authentication of the user made it secure.

The characteristics of decentralization, tamper-resistance and transaction anonymity of blockchain can resolve effectively the problems in traditional intellectual property such as the difficulty of electronic obtaining for evidence, the high cost and low compensation when safeguarding the copyrights. Blockchain records the information through encryption algorithm, removes the third party, and stores the information in all nodes to prevent the information from being tampered with, so as to realize the protection of intellectual property. Starting from the bottom layer of blockchain, this paper expounds in detail the characteristics and the technical framework of blockchain. At the same time, according to the existing problems in transaction throughput, time delay and resource consumption of blockchain system, optimization mechanisms such as cross-chain and proof of stake are analyzed. Finally, combined with the characteristics of blockchain technology and existing application framework, this paper summarizes the existing problems in the industry and forecasts the development trend of intellectual property based on blockchain technology.

Public Key Infrastructure (PKI) has been popularized in many scenarios such as e-government applications, enterprises, etc. Due to the construction of PKI system of various regions and departments, there formed a lot of isolated PKI management domains, cross-domain authentication has become a problem that cannot ignored, which also has some traditional solutions such as cross-authentication, trust list, etc. However, some issues still exist, which hinder the popularity of unified trust services. For example, lack of unified cross domain standard, the update period of Certificate Revocation List (CRL) is too long, which affects the security of cross-domain authentication. In this paper, we proposed a trust transferring model by using blockchain consensus instead of traditional trusted third party for e-government applications. We exploit how to solve the unified trust service problem of PKI at the national level through consensus and transfer some CA management functions to the blockchain. And we prove the scheme's feasibility from engineering perspective. Besides, the scheme has enough scalability to satisfy trust transfer requirements of multiple PKI systems. Meanwhile, the security and efficiency are also guaranteed compared with traditional solutions.

Two-factor authentication (2FA) is widely prevalent in banking, emails and virtual private networks (VPN) connections or in accessing any secure web service. In 2FA, to get authenticated the users are expected to provide additional secret information along with the password. Typically, this secret information (tokens) is generated by a centralized trusted third party upon receiving an authentication request from users. Thus, this additional layer of security comes at the cost of inherently trusting the third party for their services. The security of such authentication systems is always under the threat of the trusted party is being compromised. In this paper, we propose a novel approach to make server authentication even more secure by building 2FA over the blockchain platform which is distributed in nature. The proposed solution does not require any trusted third party between claimant (user) and the verifier (server) for the authentication purpose. To demonstrate the idea of using blockchain technology for 2FA, we have added an extra layer of security component to the OpenSSH server a widely used application for Secure Shell (SSH) protocol.

As part of its ongoing efforts to meet the increased spectrum demand, the Federal Communications Commission (FCC) has recently opened up 150 MHz in the 3.5 GHz band for shared wireless broadband use. Access and operations in this band, aka Citizens Broadband Radio Service (CBRS), will be managed by a dynamic spectrum access system (SAS) to enable seamless spectrum sharing between secondary users (SUs) and incumbent users. Despite its benefits, SAS's design requirements, as set by FCC, present privacy risks to SUs, merely because SUs are required to share sensitive operational information (e.g., location, identity, spectrum usage) with SAS to be able to learn about spectrum availability in their vicinity. In this paper, we propose TrustSAS, a trustworthy framework for SAS that synergizes state-of-the-art cryptographic techniques with blockchain technology in an innovative way to address these privacy issues while complying with FCC's regulatory design requirements. We analyze the security of our framework and evaluate its performance through analysis, simulation and experimentation. We show that TrustSAS can offer high security guarantees with reasonable overhead, making it an ideal solution for addressing SUs' privacy issues in an operational SAS environment.

Internet of Things (IoT) as per estimated will connect 50 billion devices by 2020. Since its evolution, IoT technology provides lots of flexibility to develop and implement any application. Most of the application improves the human living standard and also makes life easy to access and monitoring the things in real time. Though there exist some security and privacy issues in IoT system like authentication, computation, data modification, trust among users. In this paper, we have identified the IoT application like insurance, supply chain system, smart city and smart car where trust among associated users is an major issue. The current centralized system does not provide enough trust between users. Using Blockchain technology we have shown that trust issue among users can be managed in a decentralized way so that information can be traceable and identify/verify any time. Blockchain has properties like distributed, digitally share and immutable which enhance security. For Blockchain implementation, Ethereum platform is used.

The need for sensors to deliver, communicate, collect, alert, and share information in various applications has made wireless sensor networks very popular. However, due to its limited resources in terms of computation power, battery life and memory storage of the sensor nodes, it is challenging to add security features to provide the confidentiality, integrity, and availability. Blockchain technology ensures security and avoids the need of any trusted third party. However, applying Blockchain in a resource-constrained wireless sensor network is a challenging task because Blockchain is power, computation, and memory hungry in nature and demands heavy bandwidth due to control overheads. In this paper, a new routing and a private communication Blockchain framework is designed and tested with Constant Bit rate (CBR). The proposed Load Balancing Multi-Hop (LBMH) routing shares and enhances the battery life of the Cluster Heads and reduce control overhead during Block updates, but due to limited storage and energy of the sensor nodes, Blockchain in sensor networks may never become a reality unless computation, storage and battery life are readily available at low cost.

With the widespread of cloud computing, the delegation of storage and computing is becoming a popular trend. Concerns on data integrity, security, user privacy as well as the correctness of execution are highlighted due to the untrusted remote data manipulation. Most of existing proposals solve the integrity checking and verifiable computation problems by challenge-response model, but are lack of scalability and reusability. Via blockchain, we achieve efficient and transparent public verifiable delegation for both storage and computing. Meanwhile, the smart contract provides API for request handling and secure data query. The security and privacy issues of data opening are settled by applying cryptographic algorithms all through the delegations. Additionally, any access to the outsourced data requires the owner's authentication, so that the dat transference and utilization are under control.

Despite significant research, the supply chain management challenges still have a long way to go with respect to solving the issues such as management of product supply information, product lifecycle, transport history, etc. Given the recent rise of blockchain technology in various industrial sectors, our work explores the issues prevalent in each stage of the supply chain and checks their candidacy for the implementation using blockchain technology. The analysis is performed in terms of the characteristics of trust and decentralization with respect to forming a generalized framework. The main contribution of this work is to create a conceptual overview of the areas where blockchain integrates with supply chain management in order to benefit further research and development.

Blockchain technology is getting more attention due to its inherent nature in resistance to data modification. Blockchain combined with IoT enables to improve the level of services for various domains with security guarantees. Numerous research has begun in order to link the blockchain along with autonomous vehicles system on 5G networks. Ultrafast connections, speedier data downloads, and the ability to handle millions of connections more than LTE networks are crucial to support a rapid autonomous system. Therefore, the system requires proper data storage management, high secure transaction, and non-interference network. The blockchain is suitable for the 5G vehicular system since it is immutable, tamper-proof, and secure by design. Although the decentralized 5G autonomous vehicular network provides countless benefits, yet it raises more than a few challenges. This paper provides an initial stage of the blockchain-enabled 5G vehicular networks, architecture, and technical aspects. Some remarks and challenges are also discussed.

Recently Distributed Denial-of-Service (DDoS) are becoming more and more sophisticated, which makes the existing defence systems not capable of tolerating by themselves against wide-ranging attacks. Thus, collaborative protection mitigation has become a needed alternative to extend defence mechanisms. However, the existing coordinated DDoS mitigation approaches either they require a complex configuration or are highly-priced. Blockchain technology offers a solution that reduces the complexity of signalling DDoS system, as well as a platform where many autonomous systems (Ass) can share hardware resources and defence capabilities for an effective DDoS defence. In this work, we also used a Deep learning DDoS detection system; we identify individual DDoS attack class and also define whether the incoming traffic is legitimate or attack. By classifying the attack traffic flow separately, our proposed mitigation technique could deny only the specific traffic causing the attack, instead of blocking all the traffic coming towards the victim(s).

One of the effective ways of detecting malicious traffic in computer networks is intrusion detection systems (IDS). Though IDS identify malicious activities in a network, it might be difficult to detect distributed or coordinated attacks because they only have single vantage point. To combat this problem, cooperative intrusion detection system was proposed. In this detection system, nodes exchange attack features or signatures with a view of detecting an attack that has previously been detected by one of the other nodes in the system. Exchanging of attack features is necessary because a zero-day attacks (attacks without known signature) experienced in different locations are not the same. Although this solution enhanced the ability of a single IDS to respond to attacks that have been previously identified by cooperating nodes, malicious activities such as fake data injection, data manipulation or deletion and data consistency are problems threatening this approach. In this paper, we propose a solution that leverages blockchain's distributive technology, tamper-proof ability and data immutability to detect and prevent malicious activities and solve data consistency problems facing cooperative intrusion detection. Focusing on extraction, storage and distribution stages of cooperative intrusion detection, we develop a blockchain-based solution that securely extracts features or signatures, adds extra verification step, makes storage of these signatures and features distributive and data sharing secured. Performance evaluation of the system with respect to its response time and resistance to the features/signatures injection is presented. The result shows that the proposed solution prevents stored attack features or signature against malicious data injection, manipulation or deletion and has low latency.

Supply chain management (SCM) is fundamental for gaining financial, environmental and social benefits in the supply chain industry. However, traditional SCM mechanisms usually suffer from a wide scope of issues such as lack of information sharing, long delays for data retrieval, and unreliability in product tracing. Recent advances in blockchain technology show great potential to tackle these issues due to its salient features including immutability, transparency, and decentralization. Although there are some proof-of-concept studies and surveys on blockchain-based SCM from the perspective of logistics, the underlying technical challenges are not clearly identified. In this paper, we provide a comprehensive analysis of potential opportunities, new requirements, and principles of designing blockchain-based SCM systems. We summarize and discuss four crucial technical challenges in terms of scalability, throughput, access control, data retrieval and review the promising solutions. Finally, a case study of designing blockchain-based food traceability system is reported to provide more insights on how to tackle these technical challenges in practice.

This article is devoted to the development of a platform for reliable storage of information on supplies based on blockchain technology. The article discusses the main approaches to the work of decentralized applications, as well as the main problems.

Electronic systems are ubiquitous today, playing an irreplaceable role in our personal lives, as well as in critical infrastructures such as power grids, satellite communications, and public transportation. In the past few decades, the security of software running on these systems has received significant attention. However, hardware has been assumed to be trustworthy and reliable “by default” without really analyzing the vulnerabilities in the electronics supply chain. With the rapid globalization of the semiconductor industry, it has become challenging to ensure the integrity and security of hardware. In this article, we discuss the integrity concerns associated with a globalized electronics supply chain. More specifically, we divide the supply chain into six distinct entities: IP owner/foundry (OCM), distributor, assembler, integrator, end user, and electronics recycler, and analyze the vulnerabilities and threats associated with each stage. To address the concerns of the supply chain integrity, we propose a blockchain-based certificate authority framework that can be used to manage critical chip information such as electronic chip identification, chip grade, and transaction time. The decentralized nature of the proposed framework can mitigate most threats of the electronics supply chain, such as recycling, remarking, cloning, and overproduction.

The data collected by IoT devices is of great value, which makes people urgently need a secure device key management strategy to protect their data. Existing works introduce the blockchain technology to transfer the responsibility of key management from the trusted center in the traditional key management strategy to the devices, thus eliminating the trust crisis caused by excessive dependence on third parties. However, the lightweight implementation of IoT devices limits the ability to resist side channel attacks, causing the private key to be exposed and subject to masquerading attacks. Accordingly, we strengthen the original blockchain based key management scheme to defend against key exposure attack. On the one hand, we introduce two hash functions to bind transactions in the blockchain to legitimate users. On the other hand, we design a secure key exchange protocol for identifying and exchanging access keys between legitimate users. Security analysis and performance show that the proposed scheme improves the robustness of the network with small storage and communication overhead increments.

The Internet of Things is stepping out of its infancy into full maturity, requiring massive data processing and storage. Unfortunately, because of the unique characteristics of resource constraints, short-range communication, and self-organization in IoT, it always resorts to the cloud or fog nodes for outsourced computation and storage, which has brought about a series of novel challenging security and privacy threats. For this reason, one of the critical challenges of having numerous IoT devices is the capacity to manage them and their data. A specific concern is from which devices or Edge clouds to accept join requests or interaction requests. This paper discusses a design concept for developing the IoT data management platform, along with a data management and lineage traceability implementation of the platform based on blockchain and smart contracts, which approaches the two major challenges: how to implement effective data management and enrich rational interoperability for trusted groups of linked Things; And how to settle conflicts between untrusted IoT devices and its requests taking into account security and privacy preserving. Experimental results show that the system scales well with the loss of computing and communication performance maintaining within the acceptable range, works well to effectively defend against unauthorized access and empower data provenance and transparency, which verifies the feasibility and efficiency of the design concept to provide privacy, fine-grained, and integrity data management over the IoT devices by introducing the blockchain-based data management platform.

We present Ouroboros Crypsinous, the first formally analyzed privacy-preserving proof-of-stake blockchain protocol. To model its security we give a thorough treatment of private ledgers in the (G)UC setting that might be of independent interest. To prove our protocol secure against adaptive attacks, we introduce a new coin evolution technique relying on SNARKs and key-private forward secure encryption. The latter primitive-and the associated construction-can be of independent interest. We stress that existing approaches to private blockchain, such as the proof-of-work-based Zerocash are analyzed only against static corruptions.