Transcription
Blockchains: Science and ApplicationsBuilding the Internet of Value Aniket KatePurdue UniversityIntel Tech Talk, CERIAS, 2016
Research Overview Cryptocurrencies and Credit Networks[NDSS '17] [PETS '16] [CCS '15] [NDSS '15] [ESORICS '14] Anonymous Communication Networks[NDSS '17] [ESORICS '16] [ACNS '15 ’14] [CCS '14][CSF '13 '12] [WPES '12] [TISSec '10] [FC '10] [PETS ’07] Accountability and Transparency Enhancing Technologies[TDSC '16] [COSN ’15] Longitudinal Privacy and Right to Delete/Conceal[IC '17] [SOUPS' 16] Inactive Projects Privacy-Preserving Web Analytics[ACSAC '14] [Oakland '12] Multi-party Computation and Threshold Cryptography[PODC '14 '12] [CT-RSA '13][ASIACRYPT '11 ’10] [SCN '10] [ICDCS '09]2
Ever Changing Landscape of CommunicationLocal2000-2010Global3
Ever Changing Landscape of CommunicationLocal2000-2010Global3
Ever Changing Landscape of CommunicationCentralizedLocal2000-2010Global3
Ever Changing Landscape of lobal3
Ever Changing Landscape of entralizedLocal2000-2010Global3
Ever Changing Landscape of entralizedLocal2000-2010Global3
Ever Changing Landscape of CommunicationBlockchain CentralizedLocal2000-2010Global3
Ever Changing Landscape of CommunicationBlockchain forEverything!vive,rustoay nmseicedrentruubcirtostiof dCryptayptescontocebut the ckchain is ed2010onwardsCentralizedGlobal3
Blockchain can change . well everythingSource: CB Insights4
Blockchains can change a lot of thingsSource: http://startupmanagement.org/blog 5
What is Money/Currency? Money can be anything that can serve as a store of value, which means people can save it and use it later; unit of account, i.e., it provides a common base for prices; or medium of exchange, something that people can use to buy andsell from one another.6
What is Money/Currency? Money can be anything that can serve as a store of value, which means people can save it and use it later; unit of account, i.e., it provides a common base for prices; or medium of exchange, something that people can use to buy andsell from one another.6
What is Money/Currency! Interesting example: Stone money on the Yap island Being too large to move, buying an item with these stonesis as easy as saying it now belong to the seller As long as the transaction is recorded in the (oral history!),it will now be owned by the seller No physical movementof the stone is required!Money to the island of Yap7
Bitcoin/Blockchain BasicsA: Bitcoin AddressA Hash(vk)sk: signing keyvk: verification keyBitcoin TransactionskInputAddressesOutputAddressesA: B70.345B': B1A’: 69.345σA8
Bitcoin/Blockchain BasicsA: Bitcoin AddressA Hash(vk)sk: signing keyvk: verification keyBitcoin TransactionskInputAddressesOutputAddressesA: B70.345B': B1A’: 69.345σA8
Bitcoin/Blockchain BasicsA: Bitcoin AddressA Hash(vk)sk: signing keyvk: verification keyBitcoin TransactionskInputAddressesOutputAddressesA: B70.345B': B1A’: 69.345σApublic list of transactions or Blockchain8
Our Research ThrustsBlockchainTechnology9
Our Research ty9
Our Research ogySmartContractsScalability9
Core Bitcoin Technology: Blockchains10
Core Bitcoin Technology: Blockchains Blockchain- An asset database that aggregates transactions in blocks, andthese blocks are appended to a chain of existing blocks10
Core Bitcoin Technology: Blockchains Blockchain- An asset database that aggregates transactions in blocks, andthese blocks are appended to a chain of existing blocks Replications- The blockchain is shared across a global network, such that allparticipants can have their own identical copy of the ledger10
Core Bitcoin Technology: Blockchains Blockchain- An asset database that aggregates transactions in blocks, andthese blocks are appended to a chain of existing blocks Replications- The blockchain is shared across a global network, such that allparticipants can have their own identical copy of the ledger Use digital signatures- to control who can do what within the shared ledger10
Core Bitcoin Technology: Blockchains Blockchain- An asset database that aggregates transactions in blocks, andthese blocks are appended to a chain of existing blocks Replications- The blockchain is shared across a global network, such that allparticipants can have their own identical copy of the ledger Use digital signatures- to control who can do what within the shared ledger Use a consensus mechanism- ensuring that only asset owner cannot use/spend their assets twice10
Blockchain Technology: Applications11
Blockchain Technology: Applications Payment Systems Crypto-currencies such as Bitcoin andEthereumPayment settlement IOweYou creditnetworks such as Ripple and StellarDeveloping the Internet of Value11
Blockchain Technology: Applications Payment Systems Crypto-currencies such as Bitcoin andEthereumPayment settlement IOweYou creditnetworks such as Ripple and StellarDeveloping the Internet of ValueIdentity Management11
Blockchain Technology: Applications Payment Systems Crypto-currencies such as Bitcoin andEthereumPayment settlement IOweYou creditnetworks such as Ripple and StellarDeveloping the Internet of Value Identity Management Supply Chain Management Track Diamonds, food, Goods11
Applications: Smart Contracts
Bitcoin Smart Contracts Self executing scripts/programs that directly control the transferof currencies/assets between parties under certain conditionsSelf-ImposableTrustlessFasterCheaper13
Bitcoin Smart Contracts Self executing scripts/programs that directly control the transferof currencies/assets between parties under certain conditionsSelf-ImposableTrustlessFasterCheaper Example Contracts: Assurance contracts/crowd fundingFair exchanges and lotteriesNon-equivocation contracts [CCS ’15]13
Our Application: Non-Disclosure Agreements Non-Disclosure Agreement—NDA A legal contract between two parties that outlines confidential materialthat the parties wish to share with one anotherAlso known as confidentiality agreement (CA),confidential disclosure agreement (CDA),proprietary information agreement (PIA), etc 14
Our Application: Non-Disclosure Agreements Non-Disclosure Agreement—NDA Also known as A legal contract between two parties that outlines confidential materialthat the parties wish to share with one anotherconfidentiality agreement (CA),confidential disclosure agreement (CDA),proprietary information agreement (PIA), etc Extremely common across industry,and often breached! Latest Example:Scorpene submarine data leak fromFrench manufacturer DCNS14
Our Application: Non-Disclosure Agreements Non-Disclosure Agreement—NDA Also known as confidentiality agreement (CA),confidential disclosure agreement (CDA),proprietary information agreement (PIA), etc Extremely common across industry,and often breached! A legal contract between two parties that outlines confidential materialthat the parties wish to share with one anotherLatest Example:Scorpene submarine data leak fromFrench manufacturer DCNSHow to enforce the NDA? Use some trusted third party/ arbitrator14
Non-Disclosure Agreement (NDA): Today15
Non-Disclosure Agreement (NDA): TodayExpensive andTime consumingProcess15
Our Solution based on Smart Contract NDA time-locked deposit Aim: Provide a receiver of a confidentialdocument with a primary incentiveto maintain non-disclosure16
Our Solution based on Smart Contract NDA time-locked deposit Aim: Provide a receiver of a confidentialdocument with a primary incentiveto maintain non-disclosureThe sender and the receiver create a smart contract, where the receiver puts money in a time-lock deposit such that- the deposit contract includes private/secret keys from both parties After the time out, the deposit money returns to the receiver However, if the sender obtain the secret key for the receiver, it canwithdraw the deposit money any time earlier16
Our Solution based on Smart Contract NDA time-locked deposit Aim: Provide a receiver of a confidentialdocument with a primary incentiveto maintain non-disclosureThe sender and the receiver create a smart contract, where the receiver puts money in a time-lock deposit such that- the deposit contract includes private/secret keys from both parties After the time out, the deposit money returns to the receiver However, if the sender obtain the secret key for the receiver, it canwithdraw the deposit money any time earlierWe secure and privately embed the secret key in documents usingoblivious transfer, robust watermarking, and ZK proofs16
Reliability and Scalability
Blockchain Consensus Permissionless Setting Anybody interested can be a validatorProof of work-based consensusSlower (a few minutes)18
Blockchain Consensus Permissionless Setting Anybody interested can be a validatorProof of work-based consensusSlower (a few minutes)Permissioned Setting The pre-defined-but-adaptive set of validatorsAsynchronous Atomic BroadcastFast and cheap (mater of a few seconds)18
Blockchain Consensus Permissionless Setting Anybody interested can be a validatorProof of work-based consensusSlower (a few minutes)Permissioned Setting The pre-defined-but-adaptive set of validatorsAsynchronous Atomic BroadcastFast and cheap (mater of a few seconds)Sawtooth Lake18
Scalability in the Permissionless Setting Payment ChannelsChannel establishment with predetermined partySeveral transactions ina scalable mannerTIM RUFFING,@REAL OR RANDOMFast transactions(no double-spending)LIAR, LIAR, COINS ON FIRE!19
Bitcoin Payment Channels54 32 1 020
Bitcoin Payment Channels54 32 1 020
Bitcoin Payment Channels54 32 1 020
Payment Channel Networks Extending Payment channel transactions across differentparties to allow multi-hop scalable transactions21
Public Ledger and Privacy
Linkability of Bitcoin PseudonymsBitcoin TransactionInputAddressesOutputAddressesA: B70.345B': B1A’: 69.345σAB'AA'23
Linkability of Bitcoin PseudonymsBitcoin TransactionInputAddressesOutputAddressesA: B70.345B': B1A’: 69.345σAB'AA'23
Linkability of Bitcoin PseudonymsB'C'D'AA'A''A'''24
Deanonymization Attacks in Practice25
Deanonymization Attacks in PracticeBitcoin Deanonymization[Meiklejohn et al., IMC'13]25
Deanonymization Attacks in RippleLabsRippleLabsBitcoin Deanonymization[Meiklejohn et al., IMC'13]Ripple Deanonymization[Moreno-Sanchez et al., PETS'16]25
Transactions Unlinkability Several Solutions(with different properties, assumptions, and compatibility) Zerocoin, Zerocash Coinjoin- Mixcoin, Coinshuffle, Coinshuffle , Tumblebit, Monero PathShuffle26
Privacy: Open Challenges27
In the Future The Interledger Protocolhttps://www.w3.org/community/interledger Several distributed/decentralized/centralized ledger solutions arecoming up Performing transactions across different ledgers28
Our Internet of Value Research Team PhD Students and PostDocTim RuffingPedro Moreno-SanchezSze yiu ChauSrivatsan RaviEaswar Mangipudi29
Our Internet of Value Research Team PhD Students and PostDocTim RuffingPedro Moreno-SanchezSze yiu ChauSrivatsan RaviEaswar Mangipudi Masters and Undergraduate AssistantsSiddharth GuptaKrutarth R RaoMahimna Kelkar29
Take home messageEver Changing Landscape of CommunicationOur Research ThrustsScienceBlockchain forEverything!urvive,ay not smsiecnibuted-curreCrypto oncept of distr to staycebut the ckchain is in Smart Contracts 8Privacy: Open ChallengesSelf executing scripts/program program that directly controls thetransfer of digital currencies or assets between parties undercertain conditionsSelf-ImposableTrustlessFasterCheaper Example Contracts: Assurance contracts/crowd fundingpayment channels for fast paymentsfair exchanges and lotteries Non-equivocation contracts [CCS ’15] 112330
Our Application: Non-Disclosure Agreements Non-Disclosure Agreement—NDA A legal contract between two parties that outlines confidential material that the parties wish to share with one another Also known as confidentiality agreement (CA), confidential disclosure agreement (CDA), proprietary information agreement (PIA), etc