One-Time Programs Made Practical

Zhao, Lianying; Choi, Joseph I.; Demirag, Didem; Butler, Kevin; Mannan, Mohammad; Ayday, Erman; Clark, Jeremy

doi:10.1007/978-3-030-32101-7_37

Cited by 4 publications

(7 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is impossible to avoid any piece of software to be copied and run again without using additional instrumentation. In the literature, different approaches for OTP implementation exist, from using dedicated hardware and complex cryptographic techniques (as in the first paper itself [ 30 ] and [ 33 ]) to extremely compelling approaches based on quantum computing [ 34 , 35 , 36 ]). In particular, Ref.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

A Sustainable Approach to Delivering Programmable Peer-to-Peer Offline Payments

Mainetti

Aprile

Mele

et al. 2023

Sensors

View full text Add to dashboard Cite

Payment apps and digital wallets are powerful tools used to exchange e-money via the internet. However, with the progressive disappearance of cash, there is a need for the digital equivalent of physical banknotes to guarantee the same level of anonymity of private payments. Few efforts to solve the double-spending problem exist in P2P payments (i.e., in avoiding the possibility of a payer retaining copies of digital coins in absence of a trusted third party (TTP)), and further research efforts are needed to explore options to preserve the privacy of payments, as per the mandates of numerous central bank digital currency (CBDC) exploratory initiatives, such as the digital euro. Moreover, generic programmability requirements and energetic impacts should be considered. In this paper, we present a sustainable offline P2P payment scheme to face the double-spending problem by means of a one-time program (OTP) approach. The approach consists of wiping the business logic out of a client’s app and allowing financial intermediaries to inject a certified payment code into the user’s device, which will execute (asynchronously and offline) at the time of payment. To do so, we wrap each coin in a program at the time of withdrawal. Then the program exploits the trusted execution environment (TEE) of modern smartphones to transfer itself from the payer to the payee via a direct IoT link. To confirm the validity of the approach, we performed qualitative and quantitative evaluations, specifically focusing on the energetic sustainability of the proposed scheme. Results show that our payment scheme is energetically sustainable as the current absorbed for sending one coin is, at most, ~1.8 mAh on an Apple smartphone. We advance the state-of-the-art because the scheme meets the programmability, anonymity, and sustainability requirements (at the same time).

show abstract

Section: Methodsmentioning

confidence: 99%

“…In particular, Ref. [ 33 ] seems to be a very promising idea because it uses hardware that is already present on most modern mobile devices.…”

Section: Methodsmentioning

confidence: 99%

A Sustainable Approach to Delivering Programmable Peer-to-Peer Offline Payments

Mainetti

Aprile

Mele

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…It would be interesting to see how many of these problems, if any, can benefit from the introduction of trusted hardware. One example of this coupling is given by Zhao et al [222]; they investigate how TEEs may be used to realize one-time programs, ultimately building a system that uses Intel TXT in conjunction with the TPM. A unique and tailored approach to hardware-assisted computation may be necessary for each of the above problems, or it may be the case that several problems share characteristics that allow them to be tackled in a similar manner; such exploration would be an interesting direction for future work.…”

Section: Miscellaneousmentioning

confidence: 99%

Secure Multiparty Computation and Trusted Hardware: Examining Adoption Challenges and Opportunities

Choi

Butler

2019

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

When two or more parties need to compute a common result while safeguarding their sensitive inputs, they use secure multiparty computation (SMC) techniques such as garbled circuits. The traditional enabler of SMC is cryptography, but the significant number of cryptographic operations required results in these techniques being impractical for most real-time, online computations. Trusted execution environments (TEEs) provide hardware-enforced isolation of code and data in use, making them promising candidates for making SMC more tractable. This paper revisits the history of improvements to SMC over the years and considers the possibility of coupling trusted hardware with SMC. This paper also addresses three open challenges: (1) defeating malicious adversaries, (2) mobile-friendly TEE-supported SMC, and (3) a more general coupling of trusted hardware and privacy-preserving computation.

show abstract

“…However, it is easy to see that such programs cannot be fully software-based, as it is always possible to copy and re-execute a piece of software. Consequently, constructions for one-time programs found in the literature require tamperproof hardware, e.g., [17,20,23] or are based on trusted execution environments [32].…”

Section: Introductionmentioning

confidence: 99%

Single-Use Delegatable Signatures Based on Smart Contracts

Krenn

Lorünser

2021

Proceedings of the 16th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Delegation of cryptographic signing rights has found many application in the literature and the real world. However, despite very advanced functionalities and specific use cases, existing solutions share the natural limitation that the number of usages of these signing rights cannot be efficiently limited, but users can at most be disincentivized to abuse their rights.In this paper, we suggest a solution to this problem based on blockchains. We let a user define a smart contract defining delegated signing rights, which needs to be triggered to successfully sign a message. By leveraging the immutability of the blockchain, our construction can now guarantee that a user-defined threshold of signature invocations cannot be exceeded, thereby circumventing the need for dedicated hardware or similar assistance in existing constructions for one-time programs.We discuss different constructions supporting different features, and provide concrete implementations in the Solidity language of the Ethereum blockchain, proving the real-world efficiency and feasibility of our construction.

show abstract

One-Time Programs Made Practical

Cited by 4 publications

References 36 publications

A Sustainable Approach to Delivering Programmable Peer-to-Peer Offline Payments

A Sustainable Approach to Delivering Programmable Peer-to-Peer Offline Payments

Secure Multiparty Computation and Trusted Hardware: Examining Adoption Challenges and Opportunities

Single-Use Delegatable Signatures Based on Smart Contracts

Contact Info

Product

Resources

About