Managing Secrets with Consensus Networks: Fairness, Ransomware and Access Control

In this work we investigate the problem of using public consensus networks – exemplified by systems like Ethereum and Bitcoin – to perform cryptographic functionalities that involve the manipulation of secret data, such as cryptographic access control. We consider a hybrid paradigm in which a secure client-side functionality manages cryptographic secrets, while an online consensus network performs public computation. Using this approach, we explore both the constructive and potentially destructive implications of such systems. We first show that this combination allows for the construction of stateful interactive functionalities (including general computation) from a stateless client-side functionality, which can be implemented using inexpensive trusted hardware or even purely cryptographic functionalities such as Witness Encryption. We then describe a number of practical applications that can be achieved today. These include rate-limited mandatory logging; strong encrypted backups from weak passwords; enforcing fairness in multi-party computation; and destructive applications such as autonomous ransomware, which allows for payments without an online party.
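As an added illustration (not code from the paper), the following toy model shows the hybrid paradigm behind the rate-limited mandatory logging application: a stateless client-side functionality holds only a master key, and all state (the access log and its rate) lives on a public append-only ledger whose proof the client must present with every request. The ledger format, genesis hash, master key, window and limit are constructed assumptions for the example.

```python
import hashlib
import hmac
import json

GENESIS_HASH = hashlib.sha256(b"constructed-genesis").hexdigest()  # baked into the functionality
MASTER_KEY = b"constructed-master-key-for-illustration-only"
RATE_LIMIT = 2   # at most 2 logged accesses ...
WINDOW = 5       # ... within any 5 consecutive blocks

def block_hash(prev_hash, height, entry):
    data = json.dumps({"prev": prev_hash, "h": height, "e": entry}, sort_keys=True).encode()
    return hashlib.sha256(data).hexdigest()

class Ledger:
    """Toy public consensus network: an append-only hash chain of log entries."""
    def __init__(self):
        self.blocks = []  # (prev_hash, height, entry, hash)

    def append(self, entry):
        prev = self.blocks[-1][3] if self.blocks else GENESIS_HASH
        h = len(self.blocks)
        self.blocks.append((prev, h, entry, block_hash(prev, h, entry)))

    def proof(self):
        return list(self.blocks)

def stateless_unwrap(chain, file_id):
    """Stateless trusted functionality: keeps nothing between calls except MASTER_KEY.
    Returns the per-file key only if the presented ledger proof shows the access was
    logged and the rate limit holds; a real deployment would also check the chain is
    current (e.g. accumulated work), which this toy omits."""
    # 1. Verify the chain links back to the genesis hash the functionality trusts.
    prev = GENESIS_HASH
    for i, (p, h, entry, digest) in enumerate(chain):
        if p != prev or h != i or block_hash(p, h, entry) != digest:
            return None
        prev = digest
    if not chain:
        return None
    # 2. Mandatory logging: the newest block must be the log entry for this request.
    if chain[-1][2] != {"type": "access", "file": file_id}:
        return None
    # 3. Rate limit: count logged accesses inside the most recent WINDOW blocks.
    recent = [b for b in chain[-WINDOW:] if b[2].get("type") == "access"]
    if len(recent) > RATE_LIMIT:
        return None
    return hmac.new(MASTER_KEY, file_id.encode(), hashlib.sha256).hexdigest()
```

Because the functionality derives every decision from the proof it is handed, a client cannot hide earlier accesses: dropping or altering a block breaks the hash links, and the only way to obtain a key is to publish the access entry first.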