The Attack of the Clones Against Proof-of-Authority

Ekparinya, Parinya; Gramoli, Vincent; Jourjon, Guillaume

doi:10.14722/ndss.2020.24082

Cited by 46 publications

(24 citation statements)

References 15 publications

(30 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, the designed authorisation in CRA 3 is attribute-based and anonymous. Note that all the implemented experiments used the equivalent cryptographic security level (128-bit) [ 28 ], and that the transaction fee (gas) was calculated based upon the bytecodes generated by Ethereum Virtual Machine (EVM) [ 29 ] with PoA (Proof of Authority) [ 30 ] as the consensus mechanism.…”

Section: Performance Evaluation and Resultsmentioning

confidence: 99%

A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains

Zhang

Liu

Chai

et al. 2020

Sensors

View full text Add to dashboard Cite

Permissioned blockchains can be applied for sharing data among permitted users to authorise the data access requests in a permissioned blockchain. A consensus network constructed using pre-selected nodes should verify a data requester’s credentials to determine if he or she have the correct permissions to access the queried data. However, current studies do not consider how to protect users’ privacy for data authorisation if the pre-selected nodes become untrusted, e.g., the pre-selected nodes are manipulated by attackers. When a user’s credentials are exposed to pre-selected nodes in the consensus network during authorisation, the untrusted (or even malicious) pre-selected nodes may collect a user’s credentials and other private information without the user’s right to know. Therefore, the private data exposed to the consensus network should be tightly restricted. In this paper, we propose a challenge-response based authorisation scheme for permissioned blockchain networks named Challenge-Response Assisted Access Authorisation (CRA3) to protect users’ credentials during authorisation. In CRA3, the pre-selected nodes in the consensus network do not require users’ credentials to authorise data access requests to prevent privacy leakage when these nodes are compromised or manipulated by attackers. Furthermore, the computational burden on the consensus network for authorisation is reduced because the major computing work of the authorisation is executed by the data requester and provider in CRA3.

show abstract

Section: Performance Evaluation and Resultsmentioning

confidence: 99%

A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains

Zhang

Liu

Chai

et al. 2020

Sensors

View full text Add to dashboard Cite

show abstract

“…PoA and PoS consensus can integrate block reward/penalty mechanisms to promote fairness and establish system sustainability in the long-term. Reward/penalty mechanisms can also be used to enforce trusted operation by validators and further simplify the block sealing process [54]. Although PoA consensus is already available in ETH, the integration of PoS consensus is still undergoing [55].…”

Section: A Blockchain Consensusmentioning

confidence: 99%

Contract-Less Mobile Data Access Beyond 5G: Fully-Decentralized, High-Throughput and Anonymous Asset Trading Over the Blockchain

Xenakis¹,

Tsiota

Koulis³

et al. 2021

IEEE Access

View full text Add to dashboard Cite

The new "status quo" created by the emerging integration of Multi-Access Edge Computing (MEC) and Radio Access Network (RAN) infrastructures, combined with the openness of the 5G service market, have set new standards on how the multitude of 5G service domains should be incentivized and coordinated to comply with the performance requirements set on a per session basis. In this paper, we revisit the predominant offline contract-driven mobile data access model enabling users to gain access to the infrastructure of only a few network operators and propose a new blockchain-backed mobile data access model where the key 5G stakeholders can trade, share and consume mobile edge network assets (access to the internet, spectrum, processing, storage, local content etc.) in a fully decentralized, anonymous and highly-robust fashion. Blockchain-backed mobile data access should address critical practical challenges of blockchain decentralization, scalability and security in the context of 5G and Beyond networks. Accordingly, we provide a meticulous survey of existing solutions in the aforementioned three areas and present a comprehensive holistic framework of protocols to address the key challenges identified, including a delegated Proof-of-Stake (DPoS) for distributed blockchain consensus over 5G and Beyond mobile data networks, a future-proof smart-contract enabled payment relay service enabling instant off-chain payments in a highly robust fashion as well as a hybrid mixing protocol that enables payment relays to act as anonymous payment hubs while addressing the unique challenges opposed by the joint blockchain and network level interaction of the 5G and Beyond service components.A wide range of practical implications and mitigation measures for dishonest operation of the blockchain nodes are investigated and sophisticated yet highly-robust incentive engineering mechanisms are derived. Detailed numerical results also accompany the paper, bringing to light the unique performance trade-offs and valuable design guidelines towards blockchain-backed mobile data access for 5G and Beyond mobile data networks.INDEX TERMS mobile data access, 5G, 6G, blockchain, smart contracts, off-chain payments, anonymity, payment channels, delegated proof of stake (DPoS)

show abstract

“…These attacks have so far mainly been observed and studied on permissionless blockchains. In permissioned blockchains, manipulations of the routing protocol or network traffic interception can also lead to network partitions [22]. If none of the partitions are large enough to reach consensus, the network will stop processing incoming transactions (deterministic algorithms) or create competing forks (stochastic algorithms) [21].…”

Section: Network Protocolsmentioning

confidence: 99%

“…The PoA algorithm used by permissioned Ethereum networks is vulnerable to the Attack of the Clones [22]. In the attack, a single malicious node can double spend with high probability.…”

Section: Consensusmentioning

confidence: 99%

Trust Factors and Insider Threats in Permissioned Distributed Ledgers

Putz¹,

Pernul²

2019

Transactions on Large-Scale Data- And Knowledge-Centered Systems XLII

View full text Add to dashboard Cite

Permissioned distributed ledgers have recently captured the attention of organizations looking to improve efficiency, transparency and auditability in value network operations. Often the technology is regarded as trustless or trust-free, resulting in a false sense of security. In this work, we review the various trust factors present in distributed ledger systems. We analyze the different groups of trust actors and their trust relationships to the software layers and inherent components of distributed ledgers. Based on these analyses, we investigate how insiders may conduct attacks based on trust in distributed ledger components. To verify practical feasiblity of these attack vectors, we conduct a technical study with four popular permissioned distributed ledger frameworks: Hyperledger Fabric, Hyperledger Sawtooth, Ethereum and R3 Corda. Finally, we highlight options for mitigation of these threats.

show abstract

The Attack of the Clones Against Proof-of-Authority

Cited by 46 publications

References 15 publications

A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains

A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains

Contract-Less Mobile Data Access Beyond 5G: Fully-Decentralized, High-Throughput and Anonymous Asset Trading Over the Blockchain

Trust Factors and Insider Threats in Permissioned Distributed Ledgers

Contact Info

Product

Resources

About