Anonymous Transactions with Revocation and Auditing in Hyperledger Fabric

In permissioned blockchain systems, participants are admitted to the network by receiving a credential from a certification authority. Each transaction processed by the network is required to be authorized by a valid participant who authenticates via her credential. Use case settings where privacy is a concern thus require proper privacy-preserving authentication and authorization mechanisms. Anonymous credential schemes allow a user to authenticate while showing only those attributes necessary in a given setting. This makes them a great tool for authorizing transactions in permissioned blockchain systems based on the user’s attributes. As in most setups of such systems where there is one distinct certification authority for each organization in the network, the use of plain anonymous credential schemes still leaks the association of a user to her issuing organization. Camenisch, Drijvers and Dubovitskaya (CCS 2017) therefore suggest the use of a delegatable anonymous credential scheme to also hide that remaining piece of information. In this paper we improve the Camenisch et al. scheme and extend it with revocation and auditability, two functionalities that are necessary for real-world adoption. We present a complete protocol and provide its production-grade open-source implementation including the scheme and the proposed extensions, ready to be integrated with Hyperledger Fabric. Our distributed-setting performance measurements show that the integration of the scheme with Hyperledger Fabric, while incurring an overhead in comparison to the less privacy-preserving solutions, is practical for settings with stringent privacy requirements.

PVLDB Reference Format: Dmytro Bogatov, Angelo De Caro, Kaoutar Elkhiyaoui, and Björn Tackmann. Anonymous Transactions with Revocation and Auditing in Hyperledger Fabric. PVLDB, 14(1): XXX-XXX, 2020. doi:10.14778/3324301.3324309

This work is licensed under the Creative Commons BY-NC-ND 4.0 International License.
Copyright is held by the owner/author(s). Publication rights licensed to the VLDB Endowment. Proceedings of the VLDB Endowment, Vol. 14, No. 1, ISSN 2150-8097. doi:10.14778/3324301.3324309

[1] Satoshi Nakamoto. Bitcoin: A Peer-to-Peer Electronic Cash System, 2009.

[2] Jens Groth, et al. Efficient Fully Structure-Preserving Signatures for Large Messages, 2015, IACR Cryptol. ePrint Arch.

[3] Matthew Green, et al. Decentralized Anonymous Credentials, 2014, NDSS.

[4] Johannes Blömer, et al. Delegatable Attribute-based Anonymous Credentials from Dynamically Malleable Signatures, 2018, IACR Cryptol. ePrint Arch.

[5] Manu Drijvers. Composable Anonymous Credentials from Global Random Oracles, 2018.

[6] Angelo De Caro, et al. Channels: Horizontal Scaling and Confidentiality on Permissioned Blockchains, 2018, ESORICS.

[7] Giuseppe Ateniese, et al. Redactable Blockchain – or – Rewriting History in Bitcoin and Friends, 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).

[8] Ramakrishnan Srikant, et al. Order preserving encryption for numeric data, 2004, SIGMOD '04.

[9] Miguel Oom Temudo de Castro, et al. Practical Byzantine fault tolerance, 1999, OSDI '99.

[10] George Kollios, et al. A Comparative Evaluation of Order-Revealing Encryption Schemes and Secure Range-Query Protocols, 2019, Proc. VLDB Endow.

[11] Jan Camenisch, et al. Anonymous Attestation Using the Strong Diffie Hellman Assumption Revisited, 2016, TRUST.

[12] Stefan Dziembowski, et al. Multi-party Virtual State Channels, 2019, EUROCRYPT.

[13] Murat Kantarcioglu, et al. Inference attack against encrypted range queries on outsourced databases, 2014, CODASPY '14.

[14] Matthew Green, et al. Accountable Privacy for Decentralized Anonymous Payments, 2016, Financial Cryptography.

[15] Ueli Maurer, et al. Universally Composable Synchronous Computation, 2013, TCC.

[16] C. P. Schnorr, et al. Efficient Identification and Signatures for Smart Cards (Abstract), 1989, EUROCRYPT.

[17] Angelo De Caro, et al. Initial Public Offering (IPO) on Permissioned Blockchain Using Secure Multiparty Computation, 2019, 2019 IEEE International Conference on Blockchain (Blockchain).

[18] Kari Kostiainen, et al. PRCash: Fast, Private and Regulated Transactions for Digital Currencies, 2019, Financial Cryptography.

[19] Samuel Madden, et al. Processing Analytical Queries over Encrypted Data, 2013, Proc. VLDB Endow.

[20] David Cash, et al. Leakage-Abuse Attacks Against Searchable Encryption, 2015, IACR Cryptol. ePrint Arch.

[21] David Cash, et al. What Else is Revealed by Order-Revealing Encryption?, 2016, IACR Cryptol. ePrint Arch.

[22] Jan Camenisch, et al. Design and implementation of the idemix anonymous credential system, 2002, CCS '02.

[23] Yunlei Zhao, et al. Order-Revealing Encryption: File-Injection Attack and Forward Security, 2021, Journal of Computer Science and Technology.

[24] Pieter Wuille, et al. Confidential Assets, 2018, Financial Cryptography Workshops.

[25] George Danezis, et al. Coconut: Threshold Issuance Selective Disclosure Credentials with Applications to Distributed Ledgers, 2018, NDSS.

[26] Anna Lysyanskaya, et al. Delegatable Anonymous Credentials from Mercurial Signatures, 2019, IACR Cryptol. ePrint Arch.

[27] Rishabh Poddar, et al. Arx: An Encrypted Database using Semantically Secure Encryption, 2019, Proc. VLDB Endow.

[28] Angelos D. Keromytis, et al. Blind Seer: A Scalable Private DBMS, 2014, 2014 IEEE Symposium on Security and Privacy.

[29] Torben P. Pedersen. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing, 1991, CRYPTO.

[30] Daniel Davis Wood, et al. ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER, 2014.

[31] Jan Camenisch, et al. Accumulators with Applications to Anonymity-Preserving Revocation, 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).

[32] Hari Balakrishnan, et al. CryptDB: protecting confidentiality with encrypted query processing, 2011, SOSP.

[33] Vitaly Shmatikov, et al. The Tao of Inference in Privacy-Protected Databases, 2018, Proc. VLDB Endow.

[34] Davide Frey, et al. Dietcoin: Hardening Bitcoin Transaction Verification Process For Mobile Devices, 2019, Proc. VLDB Endow.

[35] Senthil Nathan, et al. Blockchain Meets Database: Design and Implementation of a Blockchain Relational Database, 2019, Proc. VLDB Endow.

[36] Benny Pinkas, et al. SBFT: A Scalable and Decentralized Trust Infrastructure, 2018, 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[37] Yi Mu, et al. Constant-Size Dynamic k-TAA, 2006, SCN.

[38] Aggelos Kiayias, et al. Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol, 2017, CRYPTO.

[39] Carsten Binnig, et al. BlockchainDB - A Shared Database on Blockchains, 2019, Proc. VLDB Endow.

[40] Adam O'Neill, et al. Generic Attacks on Secure Outsourced Databases, 2016, CCS.

[41] Angelo De Caro, et al. Privacy-preserving auditable token payments in a permissioned blockchain system, 2020, IACR Cryptol. ePrint Arch.

[42] Ramarathnam Venkatesan, et al. Orthogonal Security with Cipherbase, 2013, CIDR.

[43] Jan Camenisch, et al. Practical UC-Secure Delegatable Credentials with Attributes and Their Application to Blockchain, 2017, CCS.

[44] Srdjan Capkun, et al. μchain: How to Forget without Hard Forks, 2017, IACR Cryptol. ePrint Arch.

[45] Somesh Jha, et al. Cryptϵ: Crypto-Assisted Differential Privacy on Untrusted Servers, 2020, SIGMOD Conference.

[46] K. Paterson, et al. Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage, 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[47] Vitaly Shmatikov, et al. Why Your Encrypted Database Is Not Secure, 2017, HotOS.

[48] Charles V. Wright, et al. Inference Attacks on Property-Preserving Encrypted Databases, 2015, CCS.

[49] Jens Dittrich, et al. Blurring the Lines between Blockchains and Database Systems: the Case of Hyperledger Fabric, 2019, SIGMOD Conference.

[50] Jelle Hellings, et al. ResilientDB: Global Scale Resilient Blockchain Fabric, 2020, Proc. VLDB Endow.

[51] Yanqing Peng, et al. FalconDB: Blockchain-based Collaborative Database, 2020, SIGMOD Conference.

[52] Thomas Ristenpart, et al. Leakage-Abuse Attacks against Order-Revealing Encryption, 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[53] Lorenzo Alvisi, et al. Obladi: Oblivious Serializable Transactions in the Cloud, 2018, OSDI.

[54] Ashwin Machanavajjhala, et al. PrivateSQL: A Differentially Private SQL Query Engine, 2019, Proc. VLDB Endow.

[55] Jing Chen, et al. Algorand: A secure and efficient distributed ledger, 2019, Theor. Comput. Sci.

[56] C. Stathakopoulou, et al. Mir-BFT: High-Throughput BFT for Blockchains, 2019, ArXiv.

[57] Taher El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms, 1984, IEEE Trans. Inf. Theory.

[58] Andreas Haeberlen, et al. Big Data Analytics over Encrypted Datasets with Seabed, 2016, OSDI.

[59] Mark Zhandry, et al. Semantically Secure Order-Revealing Encryption: Multi-input Functional Encryption Without Obfuscation, 2015, EUROCRYPT.

[60] Silvio Micali, et al. Zero-knowledge sets, 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings.

[61] Patrick Eugster, et al. Efficient confidentiality-preserving data analytics over symmetrically encrypted datasets, 2020, Proc. VLDB Endow.

[62] Eli Ben-Sasson, et al. Zerocash: Decentralized Anonymous Payments from Bitcoin, 2014, 2014 IEEE Symposium on Security and Privacy.

[63] Murat Kantarcioglu, et al. Access Pattern disclosure on Searchable Encryption: Ramification, Attack and Mitigation, 2012, NDSS.

[64] Guoliang Li, et al. ServeDB: Secure, Verifiable, and Efficient Range Queries on Outsourced Database, 2019, 2019 IEEE 35th International Conference on Data Engineering (ICDE).

[65] Jörn Müller-Quade, et al. Improved Coercion-Resistant Electronic Elections through Deniable Re-Voting, 2015.

[66] Paulo S. L. M. Barreto, et al. Pairing-Friendly Elliptic Curves of Prime Order, 2005, Selected Areas in Cryptography.

[67] Matei Zaharia, et al. ObliDB: Oblivious Query Processing using Hardware Enclaves, 2017.

[68] Marko Vukolic, et al. Hyperledger fabric: a distributed operating system for permissioned blockchains, 2018, EuroSys.