DOCSLIB.ORG

Two-Tier Blockchain Timestamped Notarization with Incremental Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Two-Tier Blockchain Timestamped Notarization with Incremental Security Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Two-tier blockchain timestamped notarization with incremental security A. Meneghetti, A. Ottaviano Quintavalle, M. Sala, A. Tomasi University of Trento - University of Sheffield - Bruno Kessler Foundation DLT 19 - Pisa - February 12th 2019 Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Overview Aim Protocol to provide I Integrity I Authenticity I Existence at a given time of data. Customer: financial sector Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Related Protocols Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Known protocols - Seminal Work I The hash h(d) of data d is sent to a Trusted Timestamping Authority A I returns a signed statement τ A τ = h(d) t σA (:::) jj jj Stuart Haber and W. Scott Stornetta. How to time-stamp a digital document. Journal of Cryp- tology, 3(2):99{111, 1991. Presented at CRYPTO 1990. Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Known protocols - RFC 3161 I The hash h(d) of data d is sent to a Trusted Timestamping Authority A I returns a signed statement τ A τ = h ( h(d) t ) σA (:::) jj jj IETF RFC 3161. Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP), 08 2001. Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Known protocols - RFC3161 These schemes place all trust in the hands of the authority A in practice trust is distributed among several stakeholders with successive timestamps. Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Known protocols - Tree-Linked timestamping I The server collects all requests made in a time interval A [tk−1; tk ). I constructs a Merkle tree using the requests. A I The root of the Merkle tree is linked to the Merkle trees of previous time intervals. Dave Bayer, Stuart Haber, and W. Scott Stornetta. Improving the efficiency and reliability of digital time-stamping. Sequences II - Methods in Communication, Security, and Computer Science, pages 329{334. Springer, New York, NY, 1991. Stuart Haber and W. Scott Stornetta. Secure names for bit-strings. In 4th ACM conference on Computer and communications security (CCS), pages 28{35. ACM New York, NY, USA, 1997. Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Known protocols - Tree-Linked timestamping R4 R3 r4 h(d1) h(d ) R2 r3 2 . h(d1) h(d ) R1 r2 2 . R0 r1 Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Known protocols - Tree-Linked timestamping The integrity of the public repository of root hashes is the only requirement on which the authenticity of a document with receipt relies. Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Two-tier blockchain timestamping Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security The Network U8 U9 M6 M4 U1 U7 M5 M7 M8 M2 U2 A U3 M9 M3 U4 U6 M1 U5 Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Users U2 U4 U1 U3 I Send the signature of a document on a public ledger (through a proxy ledger) I Verify the integrity of the document at any time Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Miners M2 M1 M3 I Receive the data from Users I Create the blocks of a proxy ledger containing the informations to save Users' data I Create receipts for the users to perform data integrity verification Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Auxiliary Node A I Periodically anchors the proxy blockchain into a public ledger Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security The Protocol Transactions tr1,1 tr1,2 RI1 ··· 1st BLOCK 2nd BLOCK 3rd BLOCK tr1,n1 tr2,1 Other Data Other Data Other Data tr2,2 RI2 ··· RI1 RI1 RI1 tr2,n 2 RI2 RI2 RI2 RI RI RI tr3,1 3 3 3 R1 R2 R2 tr3,2 RI3 ··· tr3,n3 R1 HASH1 R2 HASH2 R3 HASH3 RE Transaction to Public Ledgers [ ID RE signature ] || || Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Three-steps incremental security 1. First Receipt: evidence issued by the service node receiving data. 2. Second Receipt: evidence issued by the service node that create blocks in the proxy blockchain. 3. Third Receipt: evidence issued by the auxiliary node and referring to a public blockchain. A Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Proof of Security Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Proofs of Security - Assumptions I everyone's keys are managed by a trusted PKI; I the public blockchain is trustworthy; I the Hash function is collision resistant; I the Digital Signature d = DS(hash(document)) does not allow to retrieve hash(document). Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Proofs of Security Users I Transaction Forgery: the attacker pretend to be a valid user and send a fake transaction; Digital Signature − I Ghost Document: a valid user protects a new document with a previous or fake transaction. Hash Function − Miner I Transaction Forgery: modification of a valid transaction to damage a valid user; Digital Signature − I Receipt Forgery: creation of a fake receipt for a valid transaction from a valid user. Hash Function − Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Proofs of Security Auxiliary Node I Anchoring Forgery: creation of a fake anchor (transaction to a public ledger) or creation of fake informations on a valid anchor. Hash Function − Together I Fake Ownership: the Auxiliary Node, all the miners and a malevolent user work together to steal the property of a document from an honest user. Digital Signature − Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Next steps... I Distribute the role of the Auxiliary node A I Detail and discuss possible consensus algorithms I Proxy blockchain: permissioned VS permissionless Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Thank you! Some partial results of this paper have been presented at the Euregio Blockchain Conference (2018). The more advanced results have been funded by the project MIUR PON \Distributed Ledgers for Secure Open Communities". Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation.
Load more

Recommended publications
  • Officer Data Card (Odc) Dissemination Policy, Model, and Blockchain-Based Accountability Mechanism
    Calhoun: The NPS Institutional Archive DSpace Repository Theses and Dissertations 1. Thesis and Dissertation Collection, all items 2018-06 OFFICER DATA CARD (ODC) DISSEMINATION POLICY, MODEL, AND BLOCKCHAIN-BASED ACCOUNTABILITY MECHANISM Gentile, Brett Monterey, CA; Naval Postgraduate School http://hdl.handle.net/10945/59665 Downloaded from NPS Archive: Calhoun NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS OFFICER DATA CARD (ODC) DISSEMINATION POLICY, MODEL, AND BLOCKCHAIN-BASED ACCOUNTABILITY MECHANISM by Brett Gentile June 2018 Thesis Advisor: Cynthia E. Irvine Second Reader: Theodore D. Huffmire Approved for public release. Distribution is unlimited. THIS PAGE INTENTIONALLY LEFT BLANK Form Approved OMB REPORT DOCUMENTATION PAGE No. 0704-0188 Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instruction, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington, DC 20503. 1. AGENCY USE ONLY 2. REPORT DATE 3. REPORT TYPE AND DATES COVERED (Leave blank) June 2018 Master's thesis 4. TITLE AND SUBTITLE 5. FUNDING NUMBERS OFFICER DATA CARD (ODC) DISSEMINATION POLICY, MODEL, AND BLOCKCHAIN-BASED ACCOUNTABILITY MECHANISM 6. AUTHOR(S) Brett Gentile 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) 8. PERFORMING Naval Postgraduate School ORGANIZATION REPORT Monterey, CA 93943-5000 NUMBER 9.
    [Show full text]
  • Two-Tier Blockchain Timestamped Notarization with Incremental Security
    Two-tier blockchain timestamped notarization with incremental security Alessio Meneghetti1, Armanda Ottaviano Quintavalle2, Massimiliano Sala1, and Alessandro Tomasi3 1 Department of Mathematics, University of Trento, Trento, Italy 2 LDSD, Department of Physics and Astronomy, University of Sheffield, Sheffield, UK 3 Security and Trust, Fondazione Bruno Kessler, Trento, Italy Abstract Digital notarization is one of the most promising services offered by modern blockchain- based solutions. We present a digital notary design with incremental security and cost reduced with respect to current solutions. A client of the service receives evidence in three steps. In the first step, evidence is received almost immediately, but a lot of trust is required. In the second step, less trust is required, but evidence is received seconds later. Finally, in the third step evidence is received within minutes via a public blockchain. 1 Introduction The solution here described was commissioned to provide a customer in the financial sector with evidence to corroborate its statement of the integrity, authenticity, and existence at a given time of its data. This is closely related to the problems known as secure timestamping and notarization. The commission was made with the very specific requirement that it should make use of a privately run blockchain-based service anchored to a public blockchain, but at the same time still be capable of working without the private ledger, if it should cease to operate. We find it interesting to discuss how this design challenge can be met, and what security guarantees it can offer. Digital timestamping and blockchain have been linked from inception. The bitcoin whitepa- per [14] explicitly cites the linked timestamping work by Haber and Stornetta [8] with Merkle trees [13] as efficiency improvement [4].
    [Show full text]
  • Blockchain-Based Supply Chain for Postage Stamps
    Blockchain-Based Supply Chain for Postage Stamps Article Blockchain-Based Supply Chain for Postage Stamps Yury Yanovich 1, 2, 3, *, Igor Shiyanov 4, Timur Myaldzin 4, 5, Ivan Prokhorov 1, 5, Darya Korepanova 1, 6 and Sergey Vorobyov 1, 6 1 Software Department, Bitfury, 1016 BP, Amsterdam, The Netherlands; [email protected] (I.P.); [email protected] (D.K.); [email protected] (S.V.) 2 Center for Computational and Data-Intensive Science and Engineering, Skolkovo Institute of Science and Technology (Skoltech), 121205, Moscow, Russia 3 Laboratory of Data Mining and Predictive Modeling, Institute for Information Transmission Problems (IITP RAS), 127051, Moscow, Russia 4 Strategy Office, Russian Post, 131000, Moscow, Russia; [email protected] (I.S.); [email protected] (T.M.) 5 Department of Geography of World Economy, Faculty of Geography, Lomonosov Moscow State University, 119991, Moscow, Russia 6 Faculty of Computer Science, Higher School of Economics, 125319, Moscow, Russia * Correspondence: [email protected]; Tel.: +7-919-770-9649 Received: 18 September 2018; Accepted: 11 November 2018; Published: 15 November 2018 Abstract: Counterfeit and unaccounted postage stamps used on mailings cost postal administrations a significant amount of money each year. Corporate and individual clients become victim to stamp fraud and incur losses when security teams investigate such mailings. The blockchain technology is supposed to be a solution to make postage stamps market transparent and to guarantee invariability of stamps volume produced and used. The blockchain-based supply chain for postage stamps is introduced in the article. Keywords: blockchain; supply chain; digital token 1 Blockchain-Based Supply Chain for Postage Stamps 1.
    [Show full text]
  • How to Use Blockchain in Enterprise World?
    How to use blockchain in enterprise world? An exploratory research on the possibilities and limitations of implementing blockchain based solutions in the real estate industry Master thesis title How to use blockchain in enterprise world? - An exploratory research on the possibilities and limitations of implementing blockchain based solutions in the real estate industry Student Hunor Vadasz-Perhat Student ID 64442 University Roskilde University (RUC) Universitetsvej 1., Postbox 260, 4000 Roskilde, Denmark Department Computer Science and Informatics (M.Sc.) Supervisor Professor John Patrick Gallagher 1 Abstract The real estate market has an importance on the overall economy. A real estate crisis that the world has recently experienced lead to long lasting and serious consequences both on a micro and macro level. Besides, such crashes that tend to happen the real estate market also suffers from inefficient transaction processes, problems with transparency, illiquidity and high transaction costs. The goal of this master thesis is to examine the possibilities and limitations of implementing Blockchain based solution for the real estate industry. Blockchain is a new and emerging technology with potentials that can have an impact on several areas of life, including the real estate market. In order to be able to answer the research question that is formulated in the thesis there will be provided an extensive knowledge about Blockchain functionality and it potentials together with its challenges. Furthermore, a background theoretical knowledge will be provided about the real estate market, more precisely about the real estate management process. After the theoretical introduction the thesis will look at how and in which phases of the real estate management process Blockchain could be used.
    [Show full text]
  • Converging Blockchain and Next-Generation Artificial Intelligence Technologies to Decentralize and Accelerate Biomedical Research and Healthcare
    www.impactjournals.com/oncotarget/ Oncotarget, 2018, Vol. 9, (No. 5), pp: 5665-5690 Research Paper Converging blockchain and next-generation artificial intelligence technologies to decentralize and accelerate biomedical research and healthcare Polina Mamoshina1,2, Lucy Ojomoko1, Yury Yanovich3, Alex Ostrovski3, Alex Botezatu3, Pavel Prikhodko3, Eugene Izumchenko4, Alexander Aliper1, Konstantin Romantsov1, Alexander Zhebrak1, Iraneus Obioma Ogu5 and Alex Zhavoronkov1,6 1 Pharmaceutical Artificial Intelligence Department, Insilico Medicine, Inc., Emerging Technology Centers, Johns Hopkins University at Eastern, Baltimore, Maryland, USA 2 Department of Computer Science, University of Oxford, Oxford, United Kingdom 3 The Bitfury Group, Amsterdam, Netherlands 4 Department of Otolaryngology-Head & Neck Surgery, Johns Hopkins University School of Medicine, Baltimore, MD, USA 5 Africa Blockchain Artificial Intelligence for Healthcare Initiative, Insilico Medicine, Inc, Abuja, Nigeria 6 The Biogerontology Research Foundation, London, United Kingdom Correspondence to: Alex Zhavoronkov, email: [email protected] Keywords: artificial intelligence; deep learning; data management; blockchain; digital health Received: October 19, 2017 Accepted: November 02, 2017 Published: November 09, 2017 Copyright: Mamoshina et al. This is an open-access article distributed under the terms of the Creative Commons Attribution License 3.0 (CC BY 3.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. ABSTRACT The increased availability of data and recent advancements in artificial intelligence present the unprecedented opportunities in healthcare and major challenges for the patients, developers, providers and regulators. The novel deep learning and transfer learning techniques are turning any data about the person into medical data transforming simple facial pictures and videos into powerful sources of data for predictive analytics.
    [Show full text]
  • Two-Tier Blockchain Timestamped Notarization with Incremental Security
    Two-tier blockchain timestamped notarization with incremental security Alessio Meneghetti1, Armanda Ottaviano Quintavalle2, Massimiliano Sala1, and Alessandro Tomasi3 1 Department of Mathematics, University of Trento, Trento, Italy 2 LDSD, Department of Physics and Astronomy, University of Sheffield, Sheffield, UK 3 Security and Trust, Fondazione Bruno Kessler, Trento, Italy Abstract Digital notarization is one of the most promising services offered by modern blockchain- based solutions. We present a digital notary design with incremental security and cost reduced with respect to current solutions. A client of the service receives evidence in three steps. In the first step, evidence is received almost immediately, but a lot of trust is required. In the second step, less trust is required, but evidence is received seconds later. Finally, in the third step evidence is received within minutes via a public blockchain. 1 Introduction The solution here described was commissioned to provide a customer in the financial sector with evidence to corroborate its statement of the integrity, authenticity, and existence at a given time of its data. This is closely related to the problems known as secure timestamping and notarization. The commission was made with the very specific requirement that it should make use of a privately run blockchain-based service anchored to a public blockchain, but at the same time still be capable of working without the private ledger, if it should cease to operate. We find it interesting to discuss how this design challenge can be met, and what security guarantees it can offer. Digital timestamping and blockchain have been linked from inception. The bitcoin whitepa- per [14] explicitly cites the linked timestamping work by Haber and Stornetta [8] with Merkle trees [13] as efficiency improvement [4].
    [Show full text]
  • Crypto 5: Key Exchanges & Snake
    Computer Science 161 Weaver Crypto 5: Key Exchanges & Snake Oil 1 Administrivia! Computer Science 161 Weaver • Project 1 due Friday • Reminder, you have slip days if you need them • If you need to ask for an extension (DSP or not) please fill out the form on the web site! • Homework 3 due Friday the 19th 2 How Can We Communicate With Someone New? Computer Science 161 Weaver • Public-key crypto gives us amazing capabilities to achieve confidentiality, integrity & authentication without shared secrets … • But how do we solve MITM attacks? • How can we trust we have the true public key for someone we want to communicate with? • But we have some good primitives • Public key encryption: With the public key, anyone can encrypt but only the private key decrypts • Signatures: With the public key, anyone can verify but only the private key signs 3 Trusted Authorities Computer Science 161 Weaver • Suppose there’s a party that everyone agrees to trust to confirm each individual’s public key • Say the Governor of California • Issues with this approach? • How can everyone agree to trust them? • Scaling: huge amount of work; single point of failure … • ... and thus Denial-of-Service concerns • How do you know you’re talking to the right authority?? 4 Trust Anchors Computer Science 161 Weaver • Suppose the trusted party distributes their key so everyone has it … • And now think about doing things "off-line": • The trusted entity only has to do work once for each person • And can do it in advance 5 Computer Science 161 Weaver 6 Computer Science 161 Weaver
    [Show full text]
  • Oracle Database
    Thesis no: MECS-2015-15 Evaluation of Data Integrity Methods in Storage: Oracle Database Ognjen Tomanović Oliver Posse Dept. Computer Science & Engineering Blekinge Institute of Technology SE–371 79 Karlskrona, Sweden This thesis is submitted to the Department of Computer Science & Engineering at Blekinge Institute of Technology in partial fulfillment of the requirements for the Degree of Master of Science in Engineering: Computer Security. The thesis is equivalent to 20 weeks of full-time studies. Ericsson AB was a collaborative partner during this theses. The company is a leading global company offering solutions in the area of telecommunication and multimedia. Such solutions include mobile banking, multimedia solutions and network solutions. The company is ISO 9001:2000 certified. The market in which the company operates can be characterized as highly dynamic with high innovation in products and solutions. The development model is market-driven, meaning that the requirements are collected from a large base of potential end-customers without knowing exactly who the customer will be. Furthermore, the market demands high integrity, specifically due to the sensitive nature of the stored data. Contact Information: Authors: Ognjen Tomanović E-mail: [email protected] Oliver Posse E-mail: [email protected] External advisor: Ericsson AB University advisor: Prof. Stefan Axelsson Dept. Computer Science & Engineering Dept. Computer Science & Engineering Internet : www.bth.se Blekinge Institute of Technology Phone : +46 455 38 50 00 SE–371 79 Karlskrona, Sweden Fax : +46 455 38 50 57 i Abstract Context. It is very common today that e-commerce systems store sen- sitive client information. The database administrators of these types of systems have access to this sensitive client information and are able to manipulate it.
    [Show full text]
  • Barbosamarquesdeoliveira Ucc
    IMPROVED DISTRIBUTED LEDGER TRANSACTIONS WITH HOMOMORPHIC COMPUTATIONS by HANES BARBOSA MARQUES DE OLIVEIRA B.S., Universidade Potiguar, Brazil, 2009 A thesis submitted to the Graduate Faculty of the University of Colorado Colorado Springs in partial fulfillment of the requirements for the degree of Master of Science Department of Computer Science 2020 © Copyright by Hanes Barbosa Marques de Oliveira 2020 All Rights Reserved This thesis for the Master of Science degree by Hanes Barbosa Marques de Oliveira has been approved for the Department of Computer Science by Edward C. Chow, Chair Carlos Paz de Araujo Philip N. Brown 3 December 2020 Date ii Barbosa Marques de Oliveira, Hanes (M.S., Computer Science) Improved Distributed Ledger Transactions with Homomorphic Computations Thesis directed by Professor Edward C. Chow ABSTRACT This thesis proposes a model to protect and transfer data ownership securely, driven by Homomorphic Encryption (HE) primitives and protocols applied to private blockchain technologies. Regarding Blockchain-as-a-Service (BaaS), our contribution seeks to alleviate issues such as third-party custody of digital assets, opportunism, and other adversarial issues. We addressed a recurrent challenge in a Distributed Ledger Technology (DLT) by adapting a HE to the inherent blockchain principles. Both blockchain and HE technologies suffer from performance issues, and the combination of these tools can escalate the issue. Therefore, we apply Clifford Algebra as the algebraic structure for devising an efficient solution. We show the relationships between each aspect of the proposed model, the architecture and related principles, along with the concepts and values expected for a BaaS environment. Our prototype performs well with larger keys, where the system demonstrated a linear performance when keys ranged from 128 to 4096 bits, in operations such as encryption, the addition of ciphertexts, and decryption.
    [Show full text]