Biblio

Most of the existing identity systems are built on top of centralized storage systems. Storing identity data on these types of centralized storage platforms(e.g cloud storage, central servers) becomes a major privacy concern since various types of attacks and data breaches can happen. With this research, we are proposing blockchain and self-sovereign identity based digital identity (KYC - Know Your Customer) platform “Casper” to address the issues on centralized identity systems. “Casper ” is an Android/iOS based mobile identity wallet application that combines the integration of blockchain and a self-sovereign identity-based approach. Unlike centralized identity systems, the actual identities of the customer/users are stored in the customers’ mobile wallet application. The proof of these identities is stored in the blockchain-based decentralized storage as a self-sovereign identity proof. Casper platforms’ Self-Sovereign Identity(SSI)-based system provides a Zero Knowledge Proof(ZKP) mechanism to verify the identity information. Casper platform can be adopted in various domains such as healthcare, banking, government organization etc. As a use case, we have discussed building a digital identity wallet for banking customers with the Casper platform. Casper provides a secure, decentralized and ZKP verifiable identity by using blockchain and SSI based approach. It addresses the common issues in centralized/cloud-based identity systems platforms such as the lack of data immutability, lack of traceability, centralized control etc.

The total number of photovoltaic power producing facilities whose FIT-based ten-year contract expires by 2023 is expected to reach approximately 1.65 million in Japan. If the number of renewable electricity-producing/consuming facilities reached two million, an enormous number of transactions would be invoked beyond blockchain's scalability.We propose mutually cooperative two novel methods to simultaneously solve scalability, data size, and privacy problems in blockchain-based trading platforms for renewable energy environmental value. One is a management scheme of electricity production resources (EPRs) using an extended UTXO token. The other is a data aggregation scheme that aggregates a significant number of smart meter records with evidentiality using zero-knowledge proof (ZKP).

Blockchain is being pursued by a growing number of people with its characteristics of openness, transparency, and decentralization. At the same time, how to secure privacy protection in such an open and transparent ledger is an urgent issue to be solved for deep study. Therefore, this paper proposes a protocol based on Secure multi-party computation, which can merge and sign different transaction messages under the anonymous condition by using Pedersen commitment and Schnorr Signature. Through the rationality proof and security analysis, this paper demonstrates the private transaction is safe under the semi-honest model. And its computational cost is less than the equivalent multi-signature model. The research has made some innovative contributions to the privacy computing theory.

Access to data at large scales expedites the progress of research in medical fields. Nevertheless, accessibility to patients' data faces significant challenges on regulatory, organizational and technical levels. In light of this, we present a novel approach based on the crowdsourcing paradigm to solve this data scarcity problem. Utilizing the infrastructure that blockchain provides, our decentralized platform enables researchers to solicit contributions to their well-defined research study from a large crowd of volunteers. Furthermore, to overcome the challenge of breach of privacy and mutual trust, we employed the cryptographic primitive of Zero-knowledge Argument of Knowledge (zk-SNARK). This not only allows participants to make contributions without exposing their privacy-sensitive health data, but also provides a means for a distributed network of users to verify the validity of the contributions in an efficient manner. Finally, since without an incentive mechanism in place, the crowdsourcing platform would be rendered ineffective, we incorporated smart contracts to ensure a fair reciprocal exchange of data for reward between patients and researchers.

The blockchain's cross-chain atomic exchange uses smart contracts to replace trusted third parties, but atomic exchange cannot guarantee the anonymity of transactions, and it will inevitably increase the risk of privacy leakage. Therefore, this paper proposes an atom based on zero-knowledge proof. Improved methods of exchange to ensure the privacy of both parties in a transaction. The anonymous improvement scheme in this article uses the UTXO unconsumed model to add a new anonymous list in the blockchain. When sending assets to smart contracts, zero-knowledge proof is used to provide self-certification of ownership of the asset, and then the transaction is broken down. Only the hash value of the transaction is sent to the node, and the discarded list is used to verify the validity of the transaction, which achieves the effect of storing assets anonymously in the smart contract. At the same time, a smart contract is added when the two parties in the transaction communicate to exchange the contract address of the newly set smart contract between the two parties in the transaction. This can prevent the smart contract address information from being stolen when the two parties in the transaction communicate directly.

Crowdsensing, driven by the proliferation of sensor-rich mobile devices, has emerged as a promising data sensing and aggregation paradigm. Despite useful, traditional crowdsensing systems typically rely on a centralized third-party platform for data collection and processing, which leads to concerns like single point of failure and lack of operation transparency. Such centralization hinders the wide adoption of crowdsensing by wary participants. We therefore explore an alternative design space of building crowdsensing systems atop the emerging decentralized blockchain technology. While enjoying the benefits brought by the public blockchain, we endeavor to achieve a consolidated set of desirable security properties with a proper choreography of latest techniques and our customized designs. We allow data providers to safely contribute data to the transparent blockchain with the confidentiality guarantee on individual data and differential privacy on the aggregation result. Meanwhile, we ensure the service correctness of data aggregation and sanitization by delicately employing hardware-assisted transparent enclave. Furthermore, we maintain the robustness of our system against faulty data providers that submit invalid data, with a customized zero-knowledge range proof scheme. The experiment results demonstrate the high efficiency of our designs on both mobile client and SGX-enabled server, as well as reasonable on-chain monetary cost of running our task contract on Ethereum.

Recent work, including ZKBoo, ZKB++, and Ligero, has developed efficient non-interactive zero-knowledge proofs of knowledge (NIZKPoKs) for Boolean circuits based on symmetric-key primitives alone, using the "MPC-in-the-head" paradigm of Ishai et al. We show how to instantiate this paradigm with MPC protocols in the preprocessing model; once optimized, this results in an NIZKPoK with shorter proofs (and comparable computation) as in prior work for circuits containing roughly 300–100,000 AND\textasciitildegates. In contrast to prior work, our NIZKPoK also supports witness-independent preprocessing, which allows the prover to shift most of its work to an offline phase before the witness is known. We use our NIZKPoK to construct a signature scheme based only on symmetric-key primitives (and hence with "post-quantum" security). The resulting scheme has shorter signatures than the scheme built using ZKB++ (and comparable signing/verification time), and is even competitive with hash-based signature schemes. To further highlight the flexibility and power of our NIZKPoK, we also use it to build efficient ring and group signatures based on symmetric-key primitives alone. To our knowledge, the resulting schemes are the most efficient constructions of these primitives that offer post-quantum security.

Nuclear weapons have re-emerged as one the main global security challenges of our time. Any further reductions in the nuclear arsenals will have to rely on robust verification mechanisms. This requires, in particular, trusted measurement systems to confirm the authenticity of nuclear warheads based on their radiation signatures. These signatures are considered extremely sensitive information, and inspection systems have to be designed to protect them. To accomplish this task, so-called information barriers" have been proposed. These devices process sensitive information acquired during an inspection, but only display results in a pass/fail manner. Traditional inspection systems rely on complex electronics both for data acquisition and processing. Several research efforts have produced prototype systems, but after almost thirty years of research and development, no viable and widely accepted system has emerged. This talk highlights recent efforts to overcome this impasse. A first approach is to avoid electronics in critical parts of the measurement process altogether and to rely instead on physical phenomena to detect radiation and to confirm a unique fingerprint of the inspected warhead using a zero-knowledge protocol. A second approach is based on a radiation detection system using vintage electronics built around a 6502 processor. Hardware designed in the distant past, at a time when its use for sensitive measurements was never envisioned, may drastically reduce concerns that another party implemented backdoors or hidden switches. Sensitive information is only stored on traditional punched cards. The talk concludes with a roadmap and highlights opportunities for researchers from the hardware security community to make critical contributions to nuclear arms control and global security in the years ahead.