Mauro Conti scite author profile

Bitcoin is a popular cryptocurrency that records all transactions in a distributed append-only public ledger called blockchain. The security of Bitcoin heavily relies on the incentivecompatible proof-of-work (PoW) based distributed consensus protocol, which is run by network nodes called miners. In exchange for the incentive, the miners are expected to honestly maintain the blockchain. Since its launch in 2009, Bitcoin economy has grown at an enormous rate, and it is now worth about 170 billions of dollars. This exponential growth in the market value of Bitcoin motivates adversaries to exploit weaknesses for profit, and researchers to discover new vulnerabilities in the system, propose countermeasures, and predict upcoming trends.In this paper, we present a systematic survey that covers the security and privacy aspects of Bitcoin. We start by presenting an overview of the Bitcoin protocol and its major components along with their functionality and interactions within the system. We review the existing vulnerabilities in Bitcoin and its underlying major technologies such as blockchain and PoW based consensus protocol. These vulnerabilities lead to the execution of various security threats to the normal functionality of Bitcoin. We then discuss the feasibility and robustness of the state-of-theart security solutions. Additionally, we present current privacy and anonymity considerations in Bitcoin and discuss the privacyrelated threats to Bitcoin users along with the analysis of the existing privacy-preserving solutions. Finally, we summarize the critical open challenges and suggest directions for future research towards provisioning stringent security and privacy techniques for Bitcoin.

show abstract

A Survey on Homomorphic Encryption Schemes

Acar

et al. 2018

View full text Add to dashboard Cite

Legacy encryption systems depend on sharing a key (public or private) among the peers involved in exchanging an encrypted message. However, this approach poses privacy concerns. The users or service providers with the key have exclusive rights on the data. Especially with popular cloud services, the control over the privacy of the sensitive data is lost. Even when the keys are not shared, the encrypted material is shared with a third party that does not necessarily need to access the content. Moreover, untrusted servers, providers, and cloud operators can keep identifying elements of users long after users end the relationship with the services. Indeed, Homomorphic Encryption (HE), a special kind of encryption scheme, can address these concerns as it allows any third party to operate on the encrypted data without decrypting it in advance. Although this extremely useful feature of the HE scheme has been known for over 30 years, the first plausible and achievable Fully Homomorphic Encryption (FHE) scheme, which allows any computable function to perform on the encrypted data, was introduced by Craig Gentry in 2009. Even though this was a major achievement, different implementations so far demonstrated that FHE still needs to be improved significantly to be practical on every platform. Therefore, this survey focuses on HE and FHE schemes. First, we present the basics of HE and the details of the well-known Partially Homomorphic Encryption (PHE) and Somewhat Homomorphic Encryption (SWHE), which are important pillars of achieving FHE. Then, the main FHE families, which have become the base for the other follow-up FHE schemes are presented. Furthermore, the implementations and recent improvements in Gentry-type FHE schemes are also surveyed. Finally, further research directions are discussed. This survey is intended to give a clear knowledge and foundation to researchers and practitioners interested in knowing, applying, as well as extending the state of the art HE, PHE, SWHE, and FHE systems.

show abstract

Smart health: A context-aware health paradigm within smart cities

et al. 2014

View full text Add to dashboard Cite

Provably Secure Authenticated Key Agreement Scheme for Smart Grid

Odelu

Das

Wazid

et al. 2016

IEEE Trans. Smart Grid

181

229

View full text Add to dashboard Cite

Android Security: A Survey of Issues, Malware Penetration, and Defenses

Faruki

Bharmal

Laxmi

et al. 2015

IEEE Commun. Surv. Tutorials

429

217

View full text Add to dashboard Cite

This is the accepted version of the paper.This version of the publication may differ from the final published version. Abstract-Android smartphones are gaining big market share due to several reasons, including open architecture and popularity of its application programming interfaces (APIs) in developer community. In general, smartphone has become pervasive due to its cost effectiveness, ease of use and availability of office applications, Internet, games, vehicle guidance using locationbased services apart from conventional voice calls, messaging and multimedia services. Permanent

show abstract

Internet of Things security and forensics: Challenges and opportunities

Conti

Dehghantanha

Franke

et al. 2018

Future Generation Computer Systems

405

180

View full text Add to dashboard Cite

The Internet of Things (IoT) envisions pervasive, connected, and smart nodes interacting autonomously while offering all sorts of services. Wide distribution, openness and relatively high processing power of IoT objects made them an ideal target for cyber attacks. Moreover, as many of IoT nodes are collecting and processing private information, they are becoming a goldmine of data for malicious actors. Therefore, security and specifically the ability to detect compromised nodes, together with collecting and preserving evidences of an attack or malicious activities emerge as a priority in successful deployment of IoT networks. In this paper, we first introduce existing major security and forensics challenges within IoT domain and then briefly discuss about papers published in this special issue targeting identified challenges.

show abstract

Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks

Wazid

Das

Odelu

et al. 2018

IEEE Internet Things J.

295

181

View full text Add to dashboard Cite

A Survey of Man In The Middle Attacks

Conti

Dragoni

Lesyk

2016

IEEE Commun. Surv. Tutorials

399

169

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Mauro Conti

A Survey on Security and Privacy Issues of Bitcoin

A Survey on Homomorphic Encryption Schemes

Smart health: A context-aware health paradigm within smart cities

Provably Secure Authenticated Key Agreement Scheme for Smart Grid

Android Security: A Survey of Issues, Malware Penetration, and Defenses

Internet of Things security and forensics: Challenges and opportunities

Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks

A Survey of Man In The Middle Attacks

Contact Info

Product

Resources

About