Security Aspects of Distributed Ledger Technologies
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Securing the Chain
Securing the chain KPMG International kpmg.com/blockchain360 Foreword It’s no secret that blockchain1 is a potential game changer in financial services and other industries. This is evident by the US$1B investment2 in the technology last year alone. Or the fact that you don’t have to look very far for blockchain use cases, which are as diverse as a foreign exchange market in financial services to the pork supply chain in consumer retailing. Some even see blockchain as a “foundational” technology set to disrupt, enable and change business processing, as we know it across industries. To date, much of the blockchain frenzy has centered on its vast transformative potential across entire industries. So, organizations have focused squarely on “how” they can use blockchain for business. Yet, as more proof of concepts move toward practical implementations and cyber threats rapidly grow in number and sophistication, security and risk management can no longer take a backseat. In addition to “how”, the question then becomes, “Is blockchain secure for my business?” Simply put, it can be. But, not by just turning the key. Security will depend on a variety of factors, none the least of which requires a robust risk management framework. Consider, for example, that as many as half of vulnerability exploitations occur within 10 to 100 days after they are published according to one study3. Then add in the number of threats that are already known. Next, factor in the plethora of unknowns that accompany emerging technologies and you quickly see why a comprehensive view of your risk and threat landscape is necessary. -
Enforcement Trends in Cryptocurrency
Latham & Watkins Financial Institutions Group & White Collar December 9, 2015 | Number 1904 Defense & Investigations Practice Enforcement Trends in Cryptocurrency Cryptocurrency is on the rise...and so are enforcement actions. In less than a decade, cyptocurrencies have grown from a novelty reserved for those dealing in the illicit into a robust platform embraced by financial institutions and businesses alike. Wall Street and strategic investors have increasingly taken note, working to adapt their technology, streamline market trading and integrate cryptocurrency into everyday financial transactions. The rapid adoption of cryptocurrencies has also led to increased government enforcement activity. These actions evidence US regulators’ appetite to investigate fraud and other violations linked to cryptocurrency — often using traditional laws and regulations. Given this increased government scrutiny, financial institutions and traders should understand how regulators have policed the virtual world in the past in order to be prepared for the future. Government Enforcement Actions in the Cryptocurrency Space Unsurprisingly, government regulators, including the Securities and Exchange Commission (SEC), the Department of Justice (DOJ), the Commodities Futures Trading Commission (CFTC), the Federal Trade Commission (FTC) and the Financial Crimes Enforcement Network (FinCEN), have become increasingly active in policing the cryptocurrency space. The below enforcement actions provide a bird’s-eye view of how the enforcement framework for cryptocurrencies -
YEUNG-DOCUMENT-2019.Pdf (478.1Kb)
Useful Computation on the Block Chain The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters Citation Yeung, Fuk. 2019. Useful Computation on the Block Chain. Master's thesis, Harvard Extension School. Citable link https://nrs.harvard.edu/URN-3:HUL.INSTREPOS:37364565 Terms of Use This article was downloaded from Harvard University’s DASH repository, and is made available under the terms and conditions applicable to Other Posted Material, as set forth at http:// nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of- use#LAA 111 Useful Computation on the Block Chain Fuk Yeung A Thesis in the Field of Information Technology for the Degree of Master of Liberal Arts in Extension Studies Harvard University November 2019 Copyright 2019 [Fuk Yeung] Abstract The recent growth of blockchain technology and its usage has increased the size of cryptocurrency networks. However, this increase has come at the cost of high energy consumption due to the processing power needed to maintain large cryptocurrency networks. In the largest networks, this processing power is attributed to wasted computations centered around solving a Proof of Work algorithm. There have been several attempts to address this problem and it is an area of continuing improvement. We will present a summary of proposed solutions as well as an in-depth look at a promising alternative algorithm known as Proof of Useful Work. This solution will redirect wasted computation towards useful work. We will show that this is a viable alternative to Proof of Work. Dedication Thank you to everyone who has supported me throughout the process of writing this piece. -
Pow, Pos, & Hybrid Protocols: a Matter of Complexity?
PoW, PoS, & Hybrid protocols: A Matter of Complexity? Renato P. dos Santos Blockchain Researcher at ULBRA – The Lutheran University of Brazil [email protected]. Melanie Swan Technology Theorist and Founder at Institute for Blockchain Studies [email protected] Abstract In a previous paper, it was discussed whether Bitcoin and/or its blockchain could be considered a complex system and, if so, whether a chaotic one, a positive response raising concerns about the likelihood of Bitcoin/blockchain entering a chaotic regime, with catastrophic consequences for financial systems based on it. This paper intends to simplify and extend that analysis to other PoW, PoS, and hybrid protocol-based cryptocurrencies. As before, this study was carried out with the help of Information Theory of Complex Systems, in general, and Crutchfield’s Statistical Complexity measure, in particular. This paper is a work-in-progress. Whereas PoW consensus was shown to be highly non-complex, the Nxt PoS consensus method studied shows an outstandingly higher measure of complexity, which is undesirable because it introduces unnecessary complexity into what should be a simple computational system. This paper is a work-in-progress and undoubtedly prone to incorrectness as a few cryptocurrencies may have changed their consensus algorithms. As next step, we intend to uncover some other measures that capture the qualitative notion of complexity of systems that can be applied to these cryptocurrencies to compare with the results here obtained. As a final thought, however, considering that a certain amount of chaoticity may have been potentially introduced in the Bitcoin market by the presence of the capital gains-seekers, one could wonder whether the recent surge of blockchain technology-based start-ups, even discounting all the scam cases, could not help to reduce non-linearity and prevent chaos. -
Blockchain Healthcare & Policy Synopsis
Blockchain Healthcare & Policy Synopsis AN EXECUTIVE REPORT OF THE U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES & NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY’S BLOCKCHAIN CHALLENGE October 2016 digitalchamber.org Table of Contents PART I: Blockchain in Healthcare and Research Workshop | 3 | I. Overview & Key Takeaways | 3 | II. Introduction: The White House II.I. Tim Polk, The White House, Office of Science and Technology Policy | 4 | III. Blockchain Level Setting III.I. John Kelsey, National Institute of Standards and Technology | 4 | III.II. Lily Chen, National Institute of Standards and Technology | 5 | IV. Blockchain Reality Check - Alternative IV.I. Evaluating Blockchain and Alternatives: Mance Harmon, Ping Identity | 5 | IV.II. Blockchain Challenges in Real Life: Stephen Wilson, Constellation Research | 6 | IV.III. “Fit for Purpose” Distributed Ledger Technology: Drummond Reed, Respect Network | 6 | V. Blockchain Reality Check - Challenges V.I. DHS Identity Innovations Grants: Many Sporny, Digital Bazaar | 7 | V.II. IoT Device Identity: Tiana Laurence and Andrew Yashchuk, Factom IRIS | 7 | V.III. Decentralized Identifiers (DIDs): Solving the Root Identity Problem, Drummond Reed, Respect Network | 7 | V.IV. Decentralized Certification Service, Adam Migus, XCELERATE Solutions | 8 | VI. Blockchain Challenge Presentations VI.I. Blockchain: The Chain of Trust and its Potential to Transform Healthcare – IBM’s Point of View Srini Attili and Shahram Ebdollahi, IBM Global Business Service Public Sector | 8 | VI.II. Blockchain: Securing -
Virtual Currencies and Terrorist Financing : Assessing the Risks And
DIRECTORATE GENERAL FOR INTERNAL POLICIES POLICY DEPARTMENT FOR CITIZENS' RIGHTS AND CONSTITUTIONAL AFFAIRS COUNTER-TERRORISM Virtual currencies and terrorist financing: assessing the risks and evaluating responses STUDY Abstract This study, commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the TERR Committee, explores the terrorist financing (TF) risks of virtual currencies (VCs), including cryptocurrencies such as Bitcoin. It describes the features of VCs that present TF risks, and reviews the open source literature on terrorist use of virtual currencies to understand the current state and likely future manifestation of the risk. It then reviews the regulatory and law enforcement response in the EU and beyond, assessing the effectiveness of measures taken to date. Finally, it provides recommendations for EU policymakers and other relevant stakeholders for ensuring the TF risks of VCs are adequately mitigated. PE 604.970 EN ABOUT THE PUBLICATION This research paper was requested by the European Parliament's Special Committee on Terrorism and was commissioned, overseen and published by the Policy Department for Citizens’ Rights and Constitutional Affairs. Policy Departments provide independent expertise, both in-house and externally, to support European Parliament committees and other parliamentary bodies in shaping legislation and exercising democratic scrutiny over EU external and internal policies. To contact the Policy Department for Citizens’ Rights and Constitutional Affairs or to subscribe to its newsletter please write to: [email protected] RESPONSIBLE RESEARCH ADMINISTRATOR Kristiina MILT Policy Department for Citizens' Rights and Constitutional Affairs European Parliament B-1047 Brussels E-mail: [email protected] AUTHORS Tom KEATINGE, Director of the Centre for Financial Crime and Security Studies, Royal United Services Institute (coordinator) David CARLISLE, Centre for Financial Crime and Security Studies, Royal United Services Institute, etc. -
CASP) Software-Only, Ledger Agnostic, Platform Agnostic, Crypto Agile Bank-Grade Security for Crypto Assets
Protect Your Crypto Assets with Unbound’s Crypto Assets Security Platform (CASP) Software-Only, Ledger Agnostic, Platform Agnostic, Crypto Agile Bank-Grade Security for Crypto Assets Mathematically proven security Cryptography is one of the foundational security elements used by guarantee – the key material never organizations to protect sensitive data, transactions, services and identities. exists in the clear throughout its At the core of any cryptography implementation is the management of lifecycle including creation, in-use cryptographic keys and their protection from compromise and misuse. and at-rest With crypto assets, the protection of private keys is top priority, since the Any currency, any ledger, any private key is used to sign each transaction. It is therefore mandatory platform, any client to keep the key secure – not only from compromise, but also from any Programmatically derived malicious usage – as it takes only one fraudulent transaction (i.e. a single sign addresses (BIP 32/44) that are operation, to empty a wallet). cryptographically protected Backed by proven mathematical guarantees of security, Unbound’s Crypto Stronger and more flexible than Asset Security Platform (CASP) provides its customers with a software-only multi-signature – ledger-agnostic support of flexible quorum security platform that is as safe as hardware. With CASP, one can fully manage structures, any number of human the keys’ lifecycle, define cryptographically-based approval policies, while and/or servers, internal and supporting any currency, any ledger, any platform and any client type. external, that are required to sign a transaction Any Currency, Any Ledger, Any Platform Infinite scalability – easily scale capacity when and where it is Traditionally, securing the keys and secrets that guard the organizations’ most needed valuable assets required the use of dedicated hardware, such as hardware Intuitive and easy to use SDK – security modules (HSMs) and smartcards. -
Chancen Und Herausforderungen Von DLT (Blockchain) in Mobilität Und Logistik
Chancen und Herausforderungen von DLT (Blockchain) in Mobilität und Logistik FRAUNHOFER-INSTITUT FÜR ANGEWANDTE INFORMATIONSTECHNIK FIT CHANCEN UND HERAUSFORDERUNGEN VON DLT (BLOCKCHAIN) IN MOBILITÄT UND LOGISTIK Prof. Dr. Gilbert Fridgen Prof. Dr. Nikolas Guggenberger Prof. Dr. Thomas Hoeren Prof. Wolfgang Prinz (PhD) Prof. Dr. Nils Urbach Johannes Baur, Henning Brockmeyer, Wolfgang Gräther, Elisaweta Rabovskaja, Vincent Schlatt, André Schweizer, Johannes Sedlmeir, Lars Wederhake Vielen Dank den weiteren Mitwirkenden: Matthias Babel, Martin Brennecke, Patrick Camus, Benedict Drasch, Tobias Guggenberger, Luis Lämmermann, Jannik Lockl, Sven Radszuwill, Alexander Rieger, Marco Schmidt, Nico Thanner, Patrick Troglauer, Florian Vogt, Malte Weißert, Felix Würmseher Inhalt 1 Management Summary .......................................................................................................... 1 1.1 Zielsetzung des Gutachtens ..............................................................................................................1 1.2 Allgemeine Analyse..........................................................................................................................2 1.2.1 Technische Betrachtung ...................................................................................................................................... 2 1.2.2 Gesellschaftlich-ökonomische Perspektive ......................................................................................................... 3 1.2.2.1 Status quo ...................................................................................................................................................... -
Linking Wallets and Deanonymizing Transactions in the Ripple Network
Proceedings on Privacy Enhancing Technologies ; 2016 (4):436–453 Pedro Moreno-Sanchez*, Muhammad Bilal Zafar, and Aniket Kate* Listening to Whispers of Ripple: Linking Wallets and Deanonymizing Transactions in the Ripple Network Abstract: The decentralized I owe you (IOU) transac- 1 Introduction tion network Ripple is gaining prominence as a fast, low- cost and efficient method for performing same and cross- In recent years, we have observed a rather unexpected currency payments. Ripple keeps track of IOU credit its growth of IOU transaction networks such as Ripple [36, users have granted to their business partners or friends, 40]. Its pseudonymous nature, ability to perform multi- and settles transactions between two connected Ripple currency transactions across the globe in a matter of wallets by appropriately changing credit values on the seconds, and potential to monetize everything [15] re- connecting paths. Similar to cryptocurrencies such as gardless of jurisdiction have been pivotal to their suc- Bitcoin, while the ownership of the wallets is implicitly cess so far. In a transaction network [54, 55, 59] such as pseudonymous in Ripple, IOU credit links and transac- Ripple [10], users express trust in each other in terms tion flows between wallets are publicly available in an on- of I Owe You (IOU) credit they are willing to extend line ledger. In this paper, we present the first thorough each other. This online approach allows transactions in study that analyzes this globally visible log and charac- fiat money, cryptocurrencies (e.g., bitcoin1) and user- terizes the privacy issues with the current Ripple net- defined currencies, and improves on some of the cur- work. -
IFRS: Accounting for Crypto-Assets
IFRS (#) Accounting for crypto-assets Contents 1. Introduction 1 2. What are crypto-assets? 2 2.1. Cryptocurrencies 3 2.2. Tokens (crypto-assets other than cryptocurrencies) 5 3. Accounting for crypto-assets 10 3.1. Selected activities of standard setters 10 3.2. Special situations 13 3.3. Conclusion 15 4. Supporting details 16 5. Contacts 21 1 Introduction Crypto-assets experienced a breakout year in 2017. Cryptocurrencies, such as bitcoin and ether, have seen their prices surge as the public’s YoYj]f]kk`Ykaf[j]Yk]\$Yf\ÕfYf[aYdeYjc]lhYjla[ahYflk`Yn]l`mk af[j]Ykaf_dqlmjf]\l`]ajYll]flagflgl`]h`]fge]fgf&KaemdlYf]gmkdq$ a wave of new crypto-asset issuance has been sweeping the start-up fundraising world, sparking the interest of regulators in the process. 9[[gmflYflk`Yn]l`mk^YjZ]]ffglYZd]Zql`]ajj]dYlan]YZk]f[]^jge l`YlfYjjYlan]&H]j`Yhk$egklfglYZd]akl`]^Y[ll`Yll`]9mkljYdaYf 9[[gmflaf_KlYf\Yj\k:gYj\ 99K:!`YkkmZeall]\Y\ak[mkkagfhYh]j gfÉ\a_alYd[mjj]f[a]kÊlgl`]Afl]jfYlagfYd9[[gmflaf_KlYf\Yj\k :gYj\ A9K:!$Yf\l`]9[[gmflaf_KlYf\Yj\k:gYj\g^BYhYf 9K:B! `Ykakkm]\Yf]phgkmj]\jY^l^gjhmZda[[gee]flgfY[[gmflaf_^gj “virtual currencies”.1AfY\\alagf$l`]A9K:\ak[mkk]\[]jlYaf^]Ylmj]kg^ ljYfkY[lagfkafngdnaf_\a_alYd[mjj]f[a]k\mjaf_alke]]laf_afBYfmYjq *()0$Yf\oadd\ak[mkkaf^mlmj]o`]l`]jlg[gee]f[]Yj]k]Yj[`hjgb][l in this area.1 L`akYdkg`a_`da_`lkl`]dY[cg^YklYf\Yj\ar]\[jqhlg%Ykk]llYpgfgeq$ o`a[`eYc]kal\a^Õ[mdllg\]l]jeaf]l`]Yhhda[YZadalqg^klYf\Yj\k]ll]jkÌ hmZdak`]\h]jkh][lan]k&>mjl`]jegj]$\m]lgl`]\an]jkalqYf\hY[]g^ affgnYlagfYkkg[aYl]\oal`[jqhlg%Ykk]lk$l`]^Y[lkYf\[aj[meklYf[]k g^]Y[`af\ana\mYd[Yk]oadd\a^^]j$eYcaf_al\a^Õ[mdllg\jYo_]f]jYd [gf[dmkagfkgfl`]Y[[gmflaf_lj]Yle]fl& <]khal]l`]eYjc]lÌkaf[j]Ykaf_dqmj_]flf]]\^gjY[[gmflaf__ma\Yf[]$ l`]j]`Yn]Z]]ffg^gjeYdhjgfgmf[]e]flkgfl`aklgha[lg\Yl]& Afl`akj]hgjl$o]YaelgÕjklZja]Öqafljg\m[][jqhlg[mjj]f[a]kYf\ gl`]jlqh]kg^[jqhlg%Ykk]lk&L`]f$o]\ak[mkkkge]g^l`]j][]fl activities by accounting standard setters in relation to crypto-assets. -
GJR-GARCH Volatility Modeling Under NIG and ANN for Predicting Top Cryptocurrencies
Journal of Risk and Financial Management Article GJR-GARCH Volatility Modeling under NIG and ANN for Predicting Top Cryptocurrencies Fahad Mostafa 1,* , Pritam Saha 2, Mohammad Rafiqul Islam 3 and Nguyet Nguyen 4,* 1 Department of Mathematics and Statistics, Texas Tech University, Lubbock, TX 79409, USA 2 Rawls College of Business, Texas Tech University, Lubbock, TX 79409, USA; [email protected] 3 Department of Mathematics, Florida State University, Tallahassee, FL 32306, USA; [email protected] 4 Department of Mathematics and Statistics, Youngstown State University, Youngstown, OH 44555, USA * Correspondence: [email protected] (F.M.); [email protected] (N.N.) Abstract: Cryptocurrencies are currently traded worldwide, with hundreds of different currencies in existence and even more on the way. This study implements some statistical and machine learning approaches for cryptocurrency investments. First, we implement GJR-GARCH over the GARCH model to estimate the volatility of ten popular cryptocurrencies based on market capitalization: Bitcoin, Bitcoin Cash, Bitcoin SV, Chainlink, EOS, Ethereum, Litecoin, TETHER, Tezos, and XRP. Then, we use Monte Carlo simulations to generate the conditional variance of the cryptocurrencies using the GJR-GARCH model, and calculate the value at risk (VaR) of the simulations. We also estimate the tail-risk using VaR backtesting. Finally, we use an artificial neural network (ANN) for predicting the prices of the ten cryptocurrencies. The graphical analysis and mean square errors (MSEs) from the ANN models confirmed that the predicted prices are close to the market prices. For some cryptocurrencies, the ANN models perform better than traditional ARIMA models. Citation: Mostafa, Fahad, Pritam Saha, Mohammad Rafiqul Islam, and Keywords: artificial neural network; cryptocurrency; GJR-GARCH; NIG; Monte Carlo simulation; Nguyet Nguyen. -
2016-05-31 Overview of Swirlds Hashgraph
Overview of Swirlds Hashgraph Leemon Baird [email protected] May 31, 2016 The hashgraph data structure and Swirlds consensus algorithm provide a new platform for distributed consensus. This paper gives an overview of some of its properties, and comparisons with the Bitcoin blockchain. In this paper, the term “blockchain” will generally refer to the system used in Bitcoin, rather than the large number of variants that have been proposed. The goal of a distributed consensus algorithm is to allow a community of users to come to an agreement on the order in which some of them generated transactions, when no single member is trusted by everyone. In this way, it is a system for generating trust, when individuals do not already trust each other. The Swirlds hashgraph system achieves this along with being fair, fast, provable, Byzantine, ACID compliant, efficient, inexpensive, timestamped, DoS resistant, and optionally non-permissioned. This is what those terms mean: The hashgraph is fair, because no individual can manipulate the order of the transactions. For example, imagine a stock market, where Alice and Bob both try to buy the last available share of a stock at the same moment for the same price. In blockchain, a miner might put both those transactions in a single block, and have complete freedom to choose what order they occur. Or the miner might choose to only include Alice’s transaction, and delay Bob’s to some future block. In the hashgraph, there is no way for an individual to affect the consensus order of those transactions. The best Alice can do is to invest in a better internet connection so that her transaction reaches everyone before Bob’s.