Data Privacy Management, Cryptocurrencies and Blockchain Technology
ESORICS 2018 International Workshops, DPM 2018 and CBT 2018, Barcelona, Spain, September 6-7, 2018, Proceedings
Published on 6. September 2018
XV, 442 pages
978-3-030-00305-0 (ISBN)
Description
This book constitutes the refereed conference proceedings of the 2nd International Workshop on Cryprocurrencies and Blockchain Technology, CBT 2018, and the 13
th
International Workshop on Data Privacy Management, DPM 2018, on conjunction with the 23
nd
European Symposium on Research in Computer Security, ESORICS 2018, held in Barcelona, Spain, in September 2018. From the CBT Workshop 7 full and 8 short papers out of 39 submissions are included. The selected papers cover aspects of identity management, smart contracts, soft- and hardforks, proof-of-works and proof of stake as well as on network layer aspects and the application of blockchain technology for secure connect event ticketing. The DPM Workshop received 36 submissions from which 11 full and 5 short papers were selected for presentation. The papers focus on challenging problems such as translation of high-level buiness goals into system level privacy policies, administration of sensitive identifiers, data integration and privacy engineering.
More details
Other editions
Additional editions
Joaquin Garcia-Alfaro | Jordi Herrera-Joancomartí | Giovanni Livraga
Data Privacy Management, Cryptocurrencies and Blockchain Technology
ESORICS 2018 International Workshops, DPM 2018 and CBT 2018, Barcelona, Spain, September 6-7, 2018, Proceedings
Book
09/2018
Springer
€79.17
Shipment within 7-9 days
Content
- Intro
- Foreword from the CBT 2018 Program Chairs
- Organization
- Foreword from DPM 2018 Program Chairs
- Organization
- Contents
- CBT Workshop: Smart Contracts
- Succinctly Verifiable Sealed-Bid Auction Smart Contract
- 1 Introduction
- 2 Related Work
- 3 Preliminaries
- 3.1 Commitment Scheme
- 3.2 zk-SNARK
- 4 Auction Contract Design
- 4.1 Arithmetic Circuit Generation
- 4.2 Generation of CRS
- 4.3 Smart Contract Deployment
- 4.4 Submission of Bids
- 4.5 Opening the Commitments
- 4.6 Proof Generation and Verification
- 4.7 Gas Cost Analysis
- 4.8 Checking for Potential Security Bugs
- 5 Conclusions
- References
- Blockchain-Based Fair Certified Notifications
- 1 Introduction
- 2 Ideal Properties of a Fair Certified Notification System.
- 3 State of the Art of Fair Certified Notification Protocols
- 4 Conceptual Design of Two Blockchain-Based Systems for Fair Certified Notifications
- 4.1 Non-confidential Notifications Without TTP
- 4.2 Optimistic Confidential Notifications with Stateless TTP
- 5 Smart Contracts Development Settings
- 6 Development of the Non-Confidential Blockchain-Based Fair Certified Notifications Protocol Without TTP
- 6.1 Smart Contract
- 6.2 Properties
- 7 Development of the Confidential Blockchain-Based Fair Certified Notifications Protocol
- 7.1 Smart Contract
- 7.2 Properties
- 8 Comparison and Conclusions
- 9 Future Work
- References
- On Symbolic Verification of Bitcoin's script Language
- 1 Introduction
- 2 Bitcoin's Blockchain and Transactions
- 3 Related Work
- 4 script - A Fragment of
- 5 Symbolic Evaluation of script Programs
- 5.1 The Execution Stack Model
- 5.2 Symbolic Simulation of script Computations
- 5.3 Implementation
- 6 Two Non-standard Transactions
- 7 Future Work
- 8 Conclusions
- References
- Self-reproducing Coins as Universal Turing Machine
- 1 Introduction
- 2 Rule 110 Implementation
- 3 Discussion
- A Appendix
- References
- CBT Workshop: Second Layer, Off-chain Transactions and Transparency
- Split Payments in Payment Networks
- 1 Introduction
- 2 Background and Past Work
- 3 Split Payments
- 3.1 Payment Splitting Proposal
- 3.2 Atomic Multi-path Payments
- 3.3 Network Analysis
- 4 Simulation
- 5 Experiments
- 5.1 Split payments vs. AMP
- 6 Conclusions
- References
- Payment Network Design with Fees
- 1 Introduction
- 2 Preliminaries and Notation
- 3 A Linear Program for Trees
- 4 Dynamic Program for Paths
- 5 Payment Hub: A Near-Optimal Solution
- 6 Related Work
- 7 Conclusion
- References
- Atomic Information Disclosure of Off-Chained Computations Using Threshold Encryption
- 1 Introduction
- 2 Problem Motivation and Related Work
- 3 Atomic Information Disclosure Pattern
- 4 Discussion and Future Work
- References
- Contour: A Practical System for Binary Transparency
- 1 Introduction
- 2 Related Work
- 3 Background
- 3.1 Software Distribution
- 3.2 Distributed Ledgers
- 4 Threat Model and Setting
- 5 Design of Contour
- 5.1 Logging and Publishing Statements
- 5.2 Proving Inclusion
- 5.3 Verifying Inclusion
- 5.4 Ensuring Availability
- 6 Evaluation
- 7 Implementation and Performance
- 8 Use Case: Debian
- 9 Conclusion
- References
- CBT Workshop: Consensus, Mining Pools and Performance
- What Blockchain Alternative Do You Need?
- 1 Introduction
- 2 Background
- 2.1 Blockchain Terminology
- 3 Evaluation of Decision Schemes
- 3.1 An Overview of Schemes
- 3.2 Model 1 Scheme End States
- 3.3 Model 2 Scheme End States
- 3.4 Model 3 Scheme End States
- 3.5 Scheme Questions
- 3.6 Inconsistency Between Schemes
- 4 A New Scheme
- 4.1 Scheme Questions and End States
- 5 Discussion
- 6 Future Work
- 7 Conclusion
- References
- Valuable Puzzles for Proofs-of-Work
- 1 Introduction
- 2 Puzzles and Their Properties
- 3 Generic Bitcoin-Like Construction
- 4 Schnorr Signature Puzzles
- 5 Conclusion
- References
- A Poisoning Attack Against Cryptocurrency Mining Pools
- 1 Introduction
- 2 Technical Background
- 2.1 Blockchain and Mining Pool
- 2.2 Cryptographic Puzzle
- 2.3 Stratum-Mining Pool Communication Protocol
- 2.4 Invalid Share Policy
- 3 Attack Method
- 3.1 Collecting Mining Pool and Miner Information
- 3.2 Collecting Mining API Information
- 3.3 Attacking Miners' Reputation
- 4 Evaluation
- 4.1 Feasibility of the Attack in Terms of Required Resources: Theoretical Analysis
- 4.2 Experimental Evaluation
- 4.3 Responsible Disclosure
- 5 Possible Remediation of the Attack
- 6 Related Work
- 7 Conclusion
- References
- Using Economic Risk to Model Miner Hash Rate Allocation in Cryptocurrencies
- 1 Introduction
- 2 Background
- 3 Related Work
- 4 Miner Hash Allocation
- 4.1 An Economic Model
- 4.2 Profit and Volatility in Multi-chain Mining
- 5 Model Validation and Parameter Fitting
- 5.1 Inferred Miner Risk
- 5.2 Determining Miner Lookback Period t
- 5.3 Comparing Actual to Optimal Allocations
- 6 Using Risk to Explain Change in Inter-Block Time
- 7 DAA Susceptibility to Price Shocks
- 8 Conclusions
- References
- CBT Workshop: Deadlocks, Attacks and Privacy
- Avoiding Deadlocks in Payment Channel Networks
- 1 Introduction
- 1.1 Related Work
- 2 Background
- 2.1 Payment Channels
- 2.2 Payment Channel Networks
- 3 Network Model
- 4 Routing and Deadlocks in Payment Channel Networks
- 4.1 Opening a Payment Route
- 4.2 Deadlocks in Payment Channel Networks
- 4.3 The Safe Routing Problem
- 5 A Deadlock-Free Payment Network Protocol
- 5.1 Protocol Description
- 5.2 Protocol Properties
- 6 Conclusions
- References
- Coloured Ring Confidential Transactions
- 1 Introduction
- 2 Preliminaries
- 2.1 Pedersen Commitments
- 2.2 Multilayered Linkable Spontaneous Ad-Hoc Group Signature
- 3 Our Coloured Ring Confidential Transaction
- 4 Discussion
- 5 Related Work
- 6 Conclusion
- References
- Pitchforks in Cryptocurrencies:
- 1 Introduction
- 1.1 System Model and Attack Goals
- 1.2 Background
- 2 Pitchfork Attack Description
- 2.1 Effects of the Attack
- 3 Countermeasures
- 4 Related Work
- 5 Discussion and Future Work
- References
- DPM Workshop: Privacy Assessment and Trust
- Towards an Effective Privacy Impact and Risk Assessment Methodology: Risk Analysis
- 1 Introduction
- 2 Background and Motivation
- 3 An Analysis of PIA Processes
- 4 A Privacy Risk Model
- 5 An Analysis Approach
- 6 A Case Study
- 6.1 Overview
- 6.2 Context Establishment
- 6.3 Vulnerability Analysis
- 6.4 Threat Analysis
- 6.5 Harm Analysis
- 7 Conclusion
- References
- Privacy Risk Assessment: From Art to Science, by Metrics
- 1 Introduction
- 2 State of the Art
- 3 Benefits and Building Blocks for Privacy Risk Metrics
- 4 Impact Quantification
- 4.1 Scale
- 4.2 Sensitivity
- 4.3 Expectation
- 4.4 Harm
- 5 Likelihood Quantification
- 5.1 Likelihood of Attack
- 5.2 Likelihood of Adverse Effect
- 5.3 Exploitability
- 6 Privacy Risk Metrics
- 7 Case Study: Privacy Risks in a Flashlight App
- 7.1 Collection of Data Not Required for Primary Purpose
- 7.2 Sharing of Data with Third Party
- 7.3 Discussion
- 8 Conclusion
- References
- Bootstrapping Online Trust: Timeline Activity Proofs
- 1 Introduction
- 2 Modeling Timeline Activity Proofs
- 2.1 Entities and Their Roles
- 2.2 Modeling Timeline Activities
- 2.3 Linking Timeline Activities with the Public Ledger
- 2.4 Timeline Activity Proofs: Definition
- 2.5 Security Properties
- 3 Our TAP Construction
- 3.1 Building Blocks
- 3.2 Key Management
- 3.3 Generic Construction
- 3.4 Security Analysis
- 4 Conclusion and Future Directions
- References
- DPM Workshop: Private Data and Searches
- Post-processing Methods for High Quality Privacy-Preserving Record Linkage
- 1 Introduction
- 2 Background and Related Work
- 2.1 PPRL Process
- 2.2 Related Work
- 3 Problem Definition
- 4 Post-processing Strategies for PPRL
- 4.1 Symmetric Best Match
- 4.2 Stable Marriage and Stable Matchings
- 4.3 Maximum Weight Matchings
- 5 Evaluation
- 5.1 Experimental Setup
- 5.2 PPRL Setup
- 5.3 Datasets
- 5.4 Evaluation Metrics
- 5.5 Evaluation Results
- 6 Conclusion
- References
- -DOCA: Achieving Privacy in Data Streams
- 1 Introduction
- 2 Related Work
- 3 -DOCA
- 3.1 Domain Bounding by
- 3.2 Online Clustering and Anonymization
- 4 Experimental Evaluation
- 4.1 Domain Bounding by Evaluation
- 4.2 -DOCA Evaluation
- 5 Conclusion
- References
- Data Oblivious Genome Variants Search on Intel SGX
- 1 Introduction
- 2 Security Model of SGX
- 3 Whole Genome Variants Search
- 3.1 Track 2 of the iDASH 2017 Challenge: 2 Test for Whole Genome Variants Search
- 3.2 The Winning Solution of the iDash Track 2 Challenge carpovTortech18
- 4 Oblivious Genome Variants Search
- 5 Oblivious Dictionary Merging
- 6 Experimental Results
- References
- DPM Workshop: Internet of Things
- Developing GDPR Compliant Apps for the Edge
- 1 Introduction
- 2 Related Work
- 2.1 Domestic Smart Hubs
- 2.2 Privacy Preserving Environments
- 2.3 Developer Support
- 3 GDPR Compliance and Its Influence on Developers
- 4 The Databox SDK
- 4.1 Features Enabling GDPR Compliance
- 4.2 Future Research for the SDK
- 5 Conclusion
- References
- YaPPL - A Lightweight Privacy Preference Language for Legally Sufficient and Automated Consent Provision in IoT Scenarios
- 1 Introduction
- 2 Consent in the IoT Context
- 2.1 Legal Requirements for Consent
- 2.2 IoT-Systems Perspective
- 2.3 Scenario and Architecture
- 3 YaPPL
- 3.1 Formalization of Consent
- 3.2 Requirements and Design Decisions
- 3.3 Policy Format Specification and Example
- 3.4 Core Functionalities Based on YaPPL
- 3.5 Evaluation
- 4 Related Work and Discussion
- 5 Conclusion and Outlook
- References
- PrivacyGuard: Enforcing Private Data Usage with Blockchain and Attested Execution
- 1 Introduction
- 2 PrivacyGuard Overview: A Framework Enabling User Control on IoT Data Usage
- 2.1 PrivacyGuard Architecture
- 2.2 Workflow
- 3 Conclusion
- References
- DPM Workshop: Privacy and Cryptography
- A Performance and Resource Consumption Assessment of Secret Sharing Based Secure Multiparty Computation
- 1 Introduction
- 2 Secure Multiparty Computation
- 3 Related Work
- 4 Preliminary Execution Time Considerations
- 5 Evaluation Setup
- 5.1 Scenario
- 5.2 Methodology
- 6 Results
- 6.1 Host Resources
- 6.2 Network Resources
- 6.3 User Resource: Time
- 7 Practical Implications
- 8 Conclusion
- References
- Privacy-Preserving Trade Chain Detection
- 1 Introduction
- 2 Preliminaries
- 2.1 Paillier Threshold Cryptosystem
- 2.2 Secure Multi-Party Computation
- 3 Overview
- 3.1 Bartering Related Terminology
- 3.2 Approach
- 4 Gates
- 4.1 Secure Basic Operations
- 4.2 Secure Negative Cost Cycle Computation
- 5 Protocol
- 5.1 Intuition
- 5.2 Protocol Description
- 6 Related Work and Discussion
- References
- FHE-Compatible Batch Normalization for Privacy Preserving Deep Learning
- 1 Introduction
- 2 Background
- 2.1 Fully Homomorphic Encryption (FHE)
- 2.2 Deep Neural Networks (DNN)
- 2.3 Batch Normalization (BN)
- 3 Problem Statement
- 3.1 Encrypting Deep Neural Networks
- 3.2 Related Work
- 3.3 BN vs. LHE: How to Address Conflicting Requirements
- 4 Solution
- 4.1 A First Approach: Reformulating Batch Normalization
- 4.2 The Re-parametrization Trick: Absorbing BN Layer
- 4.3 Integration with Neural Networks
- 5 Evaluation
- 5.1 Impact on Accuracy
- 5.2 Performance Analysis
- 6 Conclusion
- References
- DPM Workshop: Future Internet
- A General Algorithm for k-anonymity on Dynamic Databases
- 1 Introduction
- 1.1 Related Literature
- 2 Proposed Method
- 3 Empirical Evaluation
- 4 Conclusions
- References
- On Security of Anonymous Invitation-Based System
- 1 Introduction
- 2 Preliminaries
- 3 Anonymous Invitation-Based System
- 3.1 Our Syntax
- 3.2 Inviter Anonymity
- 3.3 Invitation Existential Unforgeability
- 3.4 Invitation Opacity
- 3.5 Invitation Extractability
- 4 Conclusion
- References
- Probabilistic Metric Spaces for Privacy by Design Machine Learning Algorithms: Modeling Database Changes
- 1 Introduction
- 2 Distances and Metrics
- 2.1 Metrics for Sets of Objects
- 2.2 Probabilistic Metric Spaces
- 3 Probabilistic Metric Spaces for Machine Learning Models
- 4 Discussion and Conclusions
- References
- Lifelogging Protection Scheme for Internet-Based Personal Assistants
- 1 Introduction
- 2 Related Work
- 3 Problem Statement
- 3.1 EU Data Protection Actors
- 3.2 Data Structure
- 3.3 Privacy and Utility Trade-off
- 4 Our Proposal
- 4.1 Working Properties of the Extended Architecture
- 4.2 Discussion
- 5 Conclusion
- References
- Author Index
