No Arabic abstract
In this paper, we present Talaria, a novel permissioned blockchain simulator that supports numerous protocols and use cases, most notably in supply chain management. Talaria extends the capability of BlockSim, an existing blockchain simulator, to include permissioned blockchains and serves as a foundation for further private blockchain assessment. Talaria is designed with both practical Byzantine Fault Tolerance (pBFT) and simplified version of Proof-of-Authority consensus protocols, but can be revised to include other permissioned protocols within its modular framework. Moreover, Talaria is able to simulate different types of malicious authorities and a variable daily transaction load at each node. In using Talaria, business practitioners and policy planners have an opportunity to measure, evaluate, and adapt a range of blockchain solutions for commercial operations.
Existing permissioned blockchain systems designate a fixed and explicit group of committee nodes to run a consensus protocol that confirms the same sequence of blocks among all nodes. Unfortunately, when such a permissioned blockchain runs in a large scale on the Internet, these explicit committee nodes can be easily turned down by denial-of-service (DoS) or network partition attacks. Although work proposes scalable BFT protocols that run on a larger number of committee nodes, their efficiency drops dramatically when only a small number of nodes are attacked. In this paper, our EGES protocol leverages Intel SGX to develop a new abstraction called stealth committee, which effectively hides the committee nodes into a large pool of fake committee nodes. EGES selects a distinct group of stealth committee for each block and confirms the same sequence of blocks among all nodes with overwhelming probability. Evaluation on typical geo-distributed settings shows that: (1)EGES is the first permissioned blockchains consensus protocol that can tolerate tough DoS and network partition attacks; and (2) EGES achieves comparable throughput and latency as existing permissioned blockchains protocols
In this work, we leverage advances in decentralized identifiers and permissioned blockchains to build a flexible user authentication and authorization mechanism that offers enhanced privacy, achieves fast revocation, and supports distributed policy decision points executed in mutually untrusted entities. The proposed solution can be applied in multi-tenant IoT hubs that interconnect diverse IoT silos and enable authorization of guest users, i.e., opportunistic users that have no trust relationship with the system, which has not encountered or known them before.
Blockchain is maintained as a global log between a network of nodes and uses cryptographic distributed protocols to synchronize the updates. As adopted by Bitcoin and Ethereum these update operations to the ledger are serialized, and executed in batches. To safeguard the system against the generation of conflicting sets of updates and maintain the consistency of the ledger, the frequency of the updates is controlled, which severely affects the performance of the system. This paper presents Converging Directed Acyclic Graph (CDAG), as a substitute for the chain and DAG structures used in other blockchain protocols. CDAG allows multiple parallel updates to the ledger and converges them at the next step providing finality to the blocks. It partitions the updates into non-intersecting buckets of transactions to prevent the generation of conflicting blocks and divide the time into slots to provide enough time for them to propagate in the network. Multiple simultaneous updates improve the throughput of CDAG, and the converging step helps to finalize them faster, even in the presence of conflicts. Moreover, CDAG provides a total order among the blocks of the ledger to support smart contracts, unlike some of the other blockDAG protocols. We evaluate the performance of CDAG on Google Cloud Platform using Google Kubernetes Engine, simulating a real-time network. Experimental results show that CDAG achieves a throughput of more than 2000 transactions per second and confirms them well in under 2 minutes. Also, the protocol scales well in comparison to other permissioned protocols, and the capacity of the network only limits the performance.
There is increased interest in smart vehicles acting as both data consumers and producers in smart cities. Vehicles can use smart city data for decision-making, such as dynamic routing based on traffic conditions. Moreover, the multitude of embedded sensors in vehicles can collectively produce a rich data set of the urban landscape that can be used to provide a range of services. Key to the success of this vision is a scalable and private architecture for trusted data sharing. This paper proposes a framework called SpeedyChain, that leverages blockchain technology to allow smart vehicles to share their data while maintaining privacy, integrity, resilience and non-repudiation in a decentralized, and tamper-resistant manner. Differently from traditional blockchain usage (e.g., Bitcoin and Ethereum), the proposed framework uses a blockchain design that decouples the data stored in the transactions from the block header, thus allowing for fast addition of data to the blocks. Furthermore, an expiration time for each block to avoid large sized blocks is proposed. This paper also presents an evaluation of the proposed framework in a network emulator to demonstrate its benefits.
Vertical federated learning (VFL) leverages various privacy-preserving algorithms, e.g., homomorphic encryption or secret sharing based SecureBoost, to ensure data privacy. However, these algorithms all require a semi-honest secure definition, which raises concerns in real-world applications. In this paper, we present Aegis, a trusted, automatic, and accurate verification framework to verify the security of VFL jobs. Aegis is separated from local parties to ensure the security of the framework. Furthermore, it automatically adapts to evolving VFL algorithms by defining the VFL job as a finite state machine to uniformly verify different algorithms and reproduce the entire job to provide more accurate verification. We implement and evaluate Aegis with different threat models on financial and medical datasets. Evaluation results show that: 1) Aegis can detect 95% threat models, and 2) it provides fine-grained verification results within 84% of the total VFL job time.