Malleability of the blockchain’s entropy

Pierrot, Cécile; Wesolowski, Benjamin

doi:10.1007/s12095-017-0264-3

Cited by 39 publications

(17 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We stress that the fact that the hash value of blocks generated in the future cannot be predicted does not means that the hash value cannot be biased by an adversary who has infinite budget. Since the adversary can incentivize a miner who first mine a block to throw the newly mined block away and continue to mine if the hash value of the block does not meet the adversary's requirement [42]. We utilize the Ethereum blockchain as the underlying public blockchain.…”

Section: Public Blockchain and On-chain Currenciesmentioning

confidence: 99%

See 1 more Smart Citation

Blockchain-Based Public Integrity Verification for Cloud Storage against Procrastinating Auditors

Zou

Lin

et al. 2021

IEEE Trans. Cloud Comput.

234

104

View full text Add to dashboard Cite

The deployment of cloud storage services has significant benefits in managing data for users. However, it also causes many security concerns, and one of them is data integrity. Public verification techniques can enable a user to employ a third-party auditor to verify the data integrity on behalf of her/him, whereas existing public verification schemes are vulnerable to procrastinating auditors who may not perform verifications on time. Furthermore, most of public verification schemes are constructed on the public key infrastructure (PKI), and thereby suffer from certificate management problem. In this paper, we propose the first certificateless public verification scheme against procrastinating auditors (CPVPA) by using blockchain technology. The key idea is to require auditors to record each verification result into a blockchain as a transaction. Since transactions on the blockchain are time-sensitive, the verification can be time-stamped after the corresponding transaction is recorded into the blockchain, which enables users to check whether auditors perform the verifications at the prescribed time. Moreover, CPVPA is built on certificateless cryptography, and is free from the certificate management problem. We present rigorous security proofs to demonstrate the security of CPVPA, and conduct a comprehensive performance evaluation to show that CPVPA is efficient.

show abstract

Section: Public Blockchain and On-chain Currenciesmentioning

confidence: 99%

“…Now, we compute the probability that the adversary successfully biases Bl t . The adversary model and game model follow the ones proposed by Pierrot et al [42].…”

Section: Security Analysismentioning

confidence: 99%

Blockchain-Based Public Integrity Verification for Cloud Storage against Procrastinating Auditors

Zou

Lin

et al. 2021

IEEE Trans. Cloud Comput.

234

104

View full text Add to dashboard Cite

show abstract

“…Proof 4: Assume that the adversary is a miner, and the cloud server may collude with the miner. We follow the existing threat model of miner in [48]. Suppose that data M = {m i } 1≤i≤n consists of n blocks, where κ blocks are VOLUME 8, 2020 not valid, e.g.…”

Section: Theoremmentioning

confidence: 99%

Decentralized and Privacy-Preserving Public Auditing for Cloud Storage Based on Blockchain

Miao¹,

Huang²,

Xiao³

et al. 2020

IEEE Access

View full text Add to dashboard Cite

Cloud storage systems provide a flexible, convenient and friendly way for users to outsource data. However, users lose control of their data once outsourcing them to the cloud. Public auditing was introduced to ensure data integrity, in which a third-party auditor (TPA) is delegated to execute auditing tasks. In general, TPA generates and sends challenge information to the cloud server (CS), which proves data possession accordingly. However, the TPA may not perform public auditing protocol honestly or may even collude with CS to deceive users. Some existing public auditing schemes utilize blockchain to resist against the malicious TPA. However, the CS may guess the challenge messages and there is a risk that users' information may be leaked to the TPA during the process of auditing. In this paper, we propose a decentralized and privacy-preserving public auditing scheme based on blockchain (DBPA), in which a blockchain is utilized as an unpredictable source for the generation of (random) challenge information, and the auditor is required to record the audit process onto the blockchain. Due to the characteristics of blockchain, users can check the audit results publicly. Moreover, zero-knowledge proof is used in DBPA to protect user's privacy during the audit process so that the response information returned by the CS does not leak information about user's data. Security analysis and performance evaluation show that DBPA is secure and efficient.

show abstract

“…-Constructing a trustworthy randomness beacon, like the one introduced by Rabin in [62], where a public service produces a continuous stream of guaranteed unbiased randomness. The classic approach consisting in extracting randomness from entropy pool sources, such as stock prices or proof-of-work blockchainsà la Bitcoin, has been shown to be manipulable by active attackers [58]. For example, while the price of a particular stock may seem unpredictable to a passive observer, a powerful trader can influence the market trend, making the random output biased.…”

Section: Applicationsmentioning

confidence: 99%