Short Paper Session 3


5:50 PM — 7:15 PM JST
Jun 27 Sun, 4:50 AM — 6:15 AM EDT

Revisiting Double-Spending Attacks on the Bitcoin Blockchain: New Findings

Jian Zheng, Huawei Huang and Canlin Li (Sun Yat-Sen University, China); Zibin Zheng (Sun Yat-sen University, China); Song Guo (The Hong Kong Polytechnic University, Hong Kong)

Bitcoin is currently the cryptocurrency with the largest market share. Many previous studies have explored the security of Bitcoin from the perspective of blockchain systems. Especially on the double-spending attacks (DSA), some state-of-the-art studies have proposed various analytical models to understand the insights behind the double-spending attacks. However, we believe that advanced versions of DSA can be developed to create new threats for the Bitcoin ecosystem. To this end, this paper mainly presents two new types of double-spending attacks in the context of the Bitcoin blockchain and discloses the insights behind them. By considering more practical network conditions, such as the number of confirmation blocks, the hashpower of the double-spending attacker, the amount of money in the target transaction, and the network-status parameter, we first analyze the success probability of the typical double-spending attack, named Naive DSA. Based on Naive DSA, we create two new types of DSA, i.e., the Adaptive DSA and the Reinforcement Adaptive DSA (RA-DSA). In our analytical models, the double-spending attack is converted into a Markov Decision Process. We then exploit the Stochastic Dynamic Programming (SDP) approach to obtain the optimal attack strategies towards Adaptive DSA and RA-DSA. Numerical simulation results demonstrate the insights between critical network parameters and the expected reward of the two DSA. Through the proposed analytical models, we aim to alert the Bitcoin ecosystem that the threat of double-spending attacks is still at a dangerous level. For example, our findings show that the attackers can launch a successful attack with a small hashpower proportion much lower than 51% under RA-DSA.

BESURE: Blockchain-Based Cloud-Assisted eHealth System with Secure Data Provenance

Shiyu Li, Yuan Zhang and ChunXiang Xu (University of Electronic Science and Technology of China, China); Nan Cheng (Xidian University, China); Zhi Liu (The University of Electro-Communications, Japan); Sherman Shen (University of Waterloo, Canada)

In this paper, we investigate actual cloud-assisted electronic health (eHealth) systems in terms of security, efficiency, and functionality. Specifically, we propose a password-based subsequent-key-locked encryption mechanism to ensure the confidentiality of outsourced electronic health records (EHRs). We also propose a blockchain-based secure EHR provenance mechanism by designing the data structure of the EHR provenance record and deploying a public blockchain and smart contract to secure both EHRs and their provenance records. With the two mechanisms, we develop BESURE (blockchain-based cloud-assisted eHealth system with secure data provenance) to provide a secure EHR storage service with efficient provenance. Security analysis and comprehensive performance evaluation are conducted to demonstrate that BESURE is secure and efficient.

Cumulus: A Secure BFT-based Sidechain for Off-chain Scaling

Fangyu Gai (University of British Columbia, Canada); Jianyu Niu (The University of British Columbia, Canada); Seyed Ali Tabatabaee, Chen Feng and Mohammad Jalalzai (University of British Columbia, Canada)

Sidechains enable off-chain scaling by sending transactions in a private network rather than broadcasting them in the public blockchain (i.e., the mainchain) network. To this end, classic Byzantine fault-tolerant (BFT) consensus protocols such as PBFT seem an excellent fit to fuel sidechains for their permissioned settings and inherent robustness. However, designing a secure and efficient BFT-based sidechain protocol remains an open challenge.

This paper presents Cumulus, a novel BFT-based sidechain framework for blockchains to achieve off-chain scaling without compromising any security and efficiency properties of both sides' consensus protocols. Cumulus encompasses a novel cryptographic sortition algorithm called Proof-of-Wait to fairly select sidechain nodes to communicate with the mainchain in an efficient and decentralized manner. To further reduce the operational cost, Cumulus provides an optimistic checkpointing approach in which the mainchain will not verify checkpoints unless disputes happen. Meanwhile, end-users enjoy a two-step withdrawal protocol, ensuring that they can safely collect assets back to the mainchain without relying on the BFT committee. Our experiments show that Cumulus sidechains outperform ZK-Rollup, another promising sidechain construction, achieving one and two orders of magnitude improvement in throughput and latency while retaining comparable operational cost.

Robust P2P Connectivity Estimation for Permissionless Bitcoin Network

Hsiang-Jen Hong, Wenjun Fan and Simeon Wuthier (University of Colorado Colorado Springs, USA); Jinoh Kim (Texas A&M University-Commerce, USA); Xiaobo Zhou (University of Colorado, Colorado Springs, USA); C. Edward Chow (University of Colorado at Colorado Springs, USA); Sang-Yoon Chang (University of Colorado Colorado Springs, USA)

Blockchain relies on the underlying peer-to-peer (p2p) networking to broadcast and get up-to-date on the blocks and transactions. Because of the blockchain operations' reliance on the information provided by p2p networking, it is imperative to have high p2p connectivity for the quality of the blockchain system operations and performances. High p2p networking connectivity ensures that a peer node is connected to multiple other peers providing a diverse set of observers of the current state of the blockchain and transactions. However, in a permissionless blockchain network, using the peer identifiers, including the current approach of counting the number of distinct IP addresses, can be ineffective in measuring the number of peer connections and estimating the networking connectivity. Such current approach is further challenged by the networking threats manipulating identities. We build a robust estimation engine for the p2p networking connectivity by sensing and processing the p2p networking traffic. We take a systems approach to study our engine and analyze the following: the different components of the estimation engine and how they affect the accuracy performances, the role and the effectiveness of an outlier detection to enhance the connectivity estimation, and the engine's interplay with the Bitcoin protocol. We implement a working Bitcoin prototype connected to the Bitcoin mainnet to validate and improve our engine's performances and evaluate the estimation accuracy and cost efficiency of our estimation engine.

Automated Quality of Service Monitoring for 5G and Beyond Using Distributed Ledgers

Tooba Faisal (Kings College London, United Kingdom (Great Britain)); Damiano Di Francesco Maesa (University of Cambridge & Istituto di Informatica e Telematica, Consiglio Nazionale delle Ricerche, United Kingdom (Great Britain)); Nishanth Sastry (University of Surrey, United Kingdom (Great Britain)); Simone Mangiante (Vodafone, United Kingdom (Great Britain))

The viability of new mission-critical networked applications such as connected cars or remote surgery is heavily dependent on the availability of truly customized network services at a Quality of Service (QoS) level that both the network operator and the customer can agree on. This is difficult to achieve in today's mainly "best effort" Internet. Even when there are explicit Service Level Agreements (SLAs) between operator and customer, there is a lack of transparency and accountability in the contractual process, and customers are rarely able to monitor the delivered services, their rights, and operators' obligations. Service Level Guarantees typically assume that resources can be shared and statistically multiplexed, which may lead to occasional failures. This is not acceptable in mission-critical services where human lives may be at stake.

In this work, we present a novel end-to-end architecture making the contractual process transparent and accountable. Our architecture borrows inherent properties of emerging Distributed Ledger Technologies (DLTs) to replace today's manual negotiation of service level agreements with an automated process based on smart contracts. This automation allows service levels to be agreed upon just-in-time, a few minutes before service is needed, and for this agreement to be in place for a limited well-defined duration. This clarity and immediacy allows mobile operators to introspect the currently available capacities in their network and make hard resource reservations, thereby providing firm service level guarantees. We also develop a overhead solution, based on cryptographically secure bloom filters, that makes it possible to monitor and enforce at run time the QoS levels which have been agreed upon.

Coded Matrix Chain Multiplication

Xiaodi Fan (CUNY Graduate Center); Angel Saldivia (Florida International University, USA); Pedro Soto (CUNY Graduate Center); Jun Li (City University of New York, USA)

The matrix multiplication is a fundamental building block in many machine learning models. As the input matrices may be too large to be multiplied on a single server, it is common to split input matrices into multiple submatrices and execute the multiplications on different servers. However, in a distributed infrastructure it is common to observe stragglers whose performance is lower than other servers at some time. In order to mitigate the adversarial effects of potential stragglers, various coding schemes for the distributed matrix multiplication have been recently proposed. While most existing works have only considered the simplest case where only two matrices are multiplied, we investigate a more general case in this paper where multiple matrices are multiplied, and propose a coding scheme that the result can be directly decoded in one round, instead of in multiple rounds of computation. Compared to completing the matrix chain multiplication in multiple rounds, our coding scheme can achieve significant savings of completion time by up to 90.3%.

Session Chair

Aniruddh Rao Kabbinale, Samsung R&D institute India - Bangalore
