Beiträge in Tagungsbänden:
M. Maffei, P. Moreno-Sanchez, A. Kate, G. Malavolta:
"SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks";
in: "2017 Network and Distributed System Security Symposium",
Internet Society,
Reston, Virginia, USA,
2017,
ISBN: 1-891562-46-0,
S. 1
- 15.
Kurzfassung englisch:
Abstract-Credit networks model transitive trust (or credit) between users in a distributed environment and have recently seen a rapid increase of popularity due to their flexible design and robustness against intrusion. They serve today as a backbone of real-world IOweYou transaction settlement networks such as Ripple and Stellar, which are deployed by various banks worldwide, as well as several other systems, such as spamresistant communication protocols and Sybil-tolerant social networks.Currentsolutions,however,raiseseriousprivacyconcerns, asthenetworktopologyaswellasthecreditvalueofthelinksare madepublicforapparenttransparencypurposesandanychanges are logged. In payment scenarios, for instance, this means that all transactions have to be public and everybody knows who paid what to whom. In this work, we question the necessity of a privacy-invasive transaction ledger. In particular, we present SilentWhispers, the first distributed, privacy-preserving credit network that does not require any ledger to protect the integrity of transactions. Yet, SilentWhispers guarantees integrity and privacy of link values and transactions even in the presence of distrustful users and malicious neighbors, whose misbehavior in changing link values is detected and such users can be held accountable. We formalize these properties as ideal functionalities in the universal composability framework and present a secure realization based on a novel combination of secret-sharing-based multiparty computation and digital signature chains. SilentWhispers can handle network churn, and it is efficient as demonstrated with a prototype implementation evaluated using payments data extracted from the currently deployed Ripple payment system.
"Offizielle" elektronische Version der Publikation (entsprechend ihrem Digital Object Identifier - DOI)
http://dx.doi.org/10.14722/ndss.2017.23448
Elektronische Version der Publikation:
http://publik.tuwien.ac.at/files/publik_268450.pdf
Erstellt aus der Publikationsdatenbank der Technischen Universität Wien.