اشترك بالحزمة الذهبية واحصل على وصول غير محدود شمرا أكاديميا
تسجيل مستخدم جديدFail-safe Watchtowers and Short-lived Assertions for Payment Channels
124
0
0.0
(
0
)
اسأل ChatGPT حول البحث
ﻻ يوجد ملخص باللغة العربية
The recent development of payment channels and their extensions (e.g., state channels) provides a promising scalability solution for blockchains which allows untrusting parties to transact off-chain and resolve potential disputes via on-chain smart contracts. To protect participants who have no constant access to the blockchain, a watching service named as watchtower is proposed -- a third-party entity obligated to monitor channel states (on behalf of the participants) and correct them on-chain if necessary. Unfortunately, currently proposed watchtower schemes suffer from multiple security and efficiency drawbacks. In this paper, we explore the design space behind watchtowers. We propose a novel watching service named as fail-safe watchtowers. In contrast to prior proposed watching services, our fail-safe watchtower does not watch on-chain smart contracts constantly. Instead, it only sends a single on-chain message periodically confirming or denying the final states of channels being closed. Our watchtowers can easily handle a large number of channels, are privacy-preserving, and fail-safe tolerating multiple attack vectors. Furthermore, we show that watchtowers (in general) may be an option economically unjustified for multiple payment scenarios and we introduce a simple, yet powerful concept of short-lived assertions which can mitigate misbehaving parties in these scenarios.
قيم البحث
اقرأ أيضاً
Micropayment channels are the most prominent solution to the limitation on transaction throughput in current blockchain systems. However, in practice channels are risky because participants have to be online constantly to avoid fraud, and inefficient
because participants have to open multiple channels and lock funds in them. To address the security issue, we propose a novel mechanism that involves watchtowers incentivized to watch the channels and reveal a fraud. Our protocol does not require participants to be online constantly watching the blockchain. The protocol is secure, incentive compatible and lightweight in communication. Furthermore, we present an adaptation of our protocol implementable on the Lightning protocol. Towards efficiency, we examine specific topological structures in the blockchain transaction graph and generalize the construction of channels to enable topologies better suited to specific real-world needs. In these cases, our construction reduces the required amount of signatures for a transaction and the total amount of locked funds in the system.
On todays Internet, combining the end-to-end security of TLS with Content Delivery Networks (CDNs) while ensuring the authenticity of connections results in a challenging delegation problem. When CDN servers provide content, they have to authenticate
themselves as the origin server to establish a valid end-to-end TLS connection with the client. In standard TLS, the latter requires access to the secret key of the server. To curb this problem, multiple workarounds exist to realize a delegation of the authentication. In this paper, we present a solution that renders key sharing unnecessary and reduces the need for workarounds. By adapting identity-based signatures to this setting, our solution offers short-lived delegations. Additionally, by enabling forward-security, existing delegations remain valid even if the servers secret key leaks. We provide an implementation of the scheme and discuss integration into a TLS stack. In our evaluation, we show that an efficient implementation incurs less overhead than a typical network round trip. Thereby, we propose an alternative approach to current delegation practices on the web.
In earlier work, we extend the Dolev-Yao model with assertions. We build on that work and add existential abstraction to the language, which allows us to translate common constructs used in voting protocols into proof properties. We also give an equi
valence-based definition of anonymity in this model, and prove anonymity for the FOO voting protocol.
Off-chain protocols (channels) are a promising solution to the scalability and privacy challenges of blockchain payments. Current proposals, however, require synchrony assumptions to preserve the safety of a channel, leaking to an adversary the exact
amount of time needed to control the network for a successful attack. In this paper, we introduce Brick, the first payment channel that remains secure under network asynchrony and concurrently provides correct incentives. The core idea is to incorporate the conflict resolution process within the channel by introducing a rational committee of external parties, called Wardens. Hence, if a party wants to close a channel unilaterally, it can only get the committees approval for the last valid state. Brick provides sub-second latency because it does not employ heavy-weight consensus. Instead, Brick uses consistent broadcast to announce updates and close the channel, a light-weight abstraction that is powerful enough to preserve safety and liveness to any rational parties. Furthermore, we consider permissioned blockchains, where the additional property of auditability might be desired for regulatory purposes. We introduce Brick+, an off-chain construction that provides auditability on top of Brick without conflicting with its privacy guarantees. We formally define the properties our payment channel construction should fulfill, and prove that both Brick and Brick+ satisfy them. We also design incentives for Brick such that honest and rational behavior aligns. Finally, we provide a reference implementation of the smart contracts in Solidity.
Information sharing is vital in resisting cyberattacks, and the volume and severity of these attacks is increasing very rapidly. Therefore responders must triage incoming warnings in deciding how to act. This study asked a very specific question: how
can the addition of confidence information to alerts and warnings improve overall resistance to cyberattacks. We sought, in particular, to identify current practices, and if possible, to identify some best practices. The research involved literature review and interviews with subject matter experts at every level from system administrators to persons who develop broad principles of policy. An innovative Modified Online Delphi Panel technique was used to elicit judgments and recommendations from experts who were able to speak with each other and vote anonymously to rank proposed practices.
سجل دخول لتتمكن من نشر تعليقات
التعليقات
جاري جلب التعليقات
سجل دخول لتتمكن من متابعة معايير البحث التي قمت باختيارها
