Smart contracts, as an added functionality to blockchain, have received increased attention recently. They are executable programs whose instance and state are stored in the blockchain. Hence, smart contracts and blockchain enable a trustable, trackable, and irreversible protocol without the need for trusted third parties, which generally constitute a single point of failure. If a user creates and distributes a smart contract, others will be able to interact with it while the underlying blockchain ensures a trustable execution. In this paper, we aim to introduce state-of-the-art technologies of the smart contract protocol. We first introduce the history of blockchain and smart contracts, followed by their step-by-step operations. Then, we introduce the survey results, which are classified into four categories based on their purposes: cryptography, access management, social application, and smart contract structure. By presenting the most recent knowledge, this paper will contribute to the advances and proliferation of smart contracts.
One critical vulnerability of stream ciphers is the reuse of an encryption key. Since most stream ciphers consist of only a key scheduling algorithm and an Exclusive OR (XOR) operation, an adversary may break the cipher by XORing two captured ciphertexts generated under the same key. Various cryptanalysis techniques based on this property have been introduced in order to recover plaintexts or encryption keys; in contrast, this research reinterprets the vulnerability as a method of detecting a stream cipher from the ciphertexts it generates. Patterns found in the values (characters) expressed across the bytes of a ciphertext make the ciphertext distinguishable from random and are unique to each combination of cipher and encryption key. We propose a scheme that uses these patterns as a fingerprint, which is capable of detecting all ciphertexts of a given length generated by an encryption pair. The scheme can be utilized to detect a specific type of malware that exploits a stream cipher with a stored key, such as the DarkComet Remote Access Trojan (RAT). We show that our scheme achieves 100% accuracy for messages longer than 13 bytes in about 17 µsec, providing a fast and highly accurate tool to aid in encrypted malware detection.
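A simplified illustration of the fixed-key fingerprint idea in the abstract above, added here and not taken from the paper: it is not the authors' scheme. It assumes RC4 as the stream cipher (the abstract names none), 7-bit ASCII plaintexts, and a constructed key and messages.

```python
def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4 (KSA followed by PRGA); returns the first n keystream bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def fingerprint(key: bytes, length: int) -> bytes:
    """High bit of each keystream byte. ASCII plaintext bytes have high bit 0,
    so every ciphertext under this key carries exactly these bits."""
    return bytes(k & 0x80 for k in rc4_keystream(key, length))

def matches(ciphertext: bytes, fp: bytes) -> bool:
    """True if the ciphertext's per-position high bits equal the fingerprint.
    A random n-byte string matches with probability 2**-n."""
    return len(ciphertext) <= len(fp) and all(
        (c & 0x80) == f for c, f in zip(ciphertext, fp))

# Constructed sample data: a stored key reused for every message.
KEY = b"constructed-demo-key"
MESSAGES = [b"GET status of host 17", b"keepalive ping 000042"]
CIPHERTEXTS = [xor(m, rc4_keystream(KEY, len(m))) for m in MESSAGES]
FP = fingerprint(KEY, 64)

def demo():
    # Both ciphertexts match the fingerprint of the reused key.
    same_key = [matches(c, FP) for c in CIPHERTEXTS]
    # Key reuse: the keystream cancels, leaving the XOR of the plaintexts.
    keystream_cancels = xor(*CIPHERTEXTS) == xor(*MESSAGES)
    return same_key, keystream_cancels

if __name__ == "__main__":
    print(demo())
```

A defender who has recovered the stored key from a sample can precompute `FP` once and test captured payloads with `matches`, without decrypting them.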
Group Key Exchange (GKE) is an important tool for developing secure multi-user applications such as group text messaging, ad-hoc networks, and so on. Most of the currently deployed GKE schemes are synchronous, i.e., they require all the participants to be online during their execution. However, with more battery-powered devices being used in such applications, the synchronicity requirement is challenging to fulfill. To fill this gap, asynchronous GKE schemes have been introduced in the literature. Nevertheless, the currently available asynchronous and synchronous GKE schemes rely on Trusted Third Parties (TTPs) for key establishment and management. This reliance on TTPs is a serious shortcoming, since TTPs are well known to be a single point of failure. Furthermore, the existing GKE schemes require participants to perform all computations, which can degrade the performance of resource-constrained devices such as Internet of Things (IoT) devices. To solve these problems, in this paper, we propose an asynchronous GKE scheme that uses blockchain and smart contracts to store the security key-related material and reduce the computational load of the participants. Furthermore, our proposed scheme provides Perfect Forward Secrecy (PFS) and Post-Compromise Security (PCS). Our implementation on Ethereum shows that the proposed scheme can scale to more than 100 participants when combined with a distributed storage system.