skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Paralysis Proofs: Secure Dynamic Access Structures for Cryptocurrency Custody and More
The growing adoption of digital assets---including but not limited to cryptocurrencies, tokens, and even identities---calls for secure and robust digital assets custody. A common way to distribute the ownership of a digital asset is (M, N)-threshold access structures. However, traditional access structures leave users with a painful choice. Setting M = N seems attractive as it offers maximum resistance to share compromise, but it also causes maximum brittleness: A single lost share renders the asset permanently frozen, inducing paralysis. Lowering M improves availability, but degrades security. In this paper, we introduce techniques that address this impasse by making general cryptographic access structures dynamic. The core idea is what we call Paralysis Proofs, evidence that players or shares are provably unavailable. Using Paralysis Proofs, we show how to construct a Dynamic Access Structure System (DASS), which can securely and flexibly update target access structures without a trusted third party. We present DASS constructions that combine a trust anchor (a trusted execution environment or smart contract) with a censorship-resistant channel in the form of a blockchain. We offer a formal framework for specifying DASS policies, and show how to achieve critical security and usability properties (safety, liveness, and paralysis-freeness) in a DASS. To illustrate the wide range of applications, we present three use cases of DASSes for improving digital asset custody: a multi-signature scheme that can "downgrade" the threshold should players become unavailable; a hybrid scheme where the centralized custodian can't refuse service; and a smart-contract-based scheme that supports recovery from unexpected bugs.  more » « less
Award ID(s):
1704615
PAR ID:
10153193
Author(s) / Creator(s):
; ; ; ;
Date Published:
Journal Name:
AFT '19: Proceedings of the 1st ACM Conference on Advances in Financial Technologies
Page Range / eLocation ID:
1 to 15
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; ; (, ACM Conference on Computer and Communications Security (CCS))
    Cremers, Cas; Kirda, Engin (Ed.)
    We introduce the first practical protocols for fully decentralized sealed-bid auctions using timed commitments. Timed commitments ensure that the auction is finalized fairly even if all participants drop out after posting bids or if bidders collude to try to learn the bidder’s bid value. Our protocols rely on a novel non-malleable timed commitment scheme which efficiently supports range proofs to establish that bidders have sufficient funds to cover a hidden bid value. This allows us to penalize users who abandon bids for exactly the bid value, while supporting simultaneous bidding in multiple auctions with a shared collateral pool. Our protocols are concretely efficient and we have implemented them in an Ethereum- compatible smart contract which automatically enforces payment and delivery of an auctioned digital asset. 
    more » « less
  2. ; ; (, Leveraging Applications of Formal Methods, Verification and Validation. Industrial Practice. ISoLA 2018. Lecture Notes in Computer Science, vol)
    Smart contracts are programs that run atop of a blockchain infrastructure. They have emerged as an important new programming model in cryptocurrencies like Ethereum, where they regulate flow of money and other digital assets according to user-defined rules. However, the most popular smart contract languages favor expressiveness rather than safety, and bugs in smart contracts have already lead to significant financial losses from accidents. Smart contracts are also appealing targets for hackers since they can be monetized. For these reasons, smart contracts are an appealing opportunity for systematic auditing and validation, and formal methods in particular. In this paper, we survey the existing smart-contract ecosystem and the existing tools for analyzing smart contracts. We then pose research challenges for formal-methods and program analysis applied to smart contracts. 
    more » « less
  3. ; ; ; (, Cryptography)
    null (Ed.)
    Direct Memory Access (DMA) is a state-of-the-art technique to optimize the speed of memory access and to efficiently use processing power during data transfers between the main system and a peripheral device. However, this advanced feature opens security vulnerabilities of access compromise and to manipulate the main memory of the victim host machine. The paper outlines a lightweight process that creates resilience against DMA attacks minimal modification to the configuration of the DMA protocol. The proposed scheme performs device identification of the trusted PCIe devices that have DMA capabilities and constructs a database of profiling time to authenticate the trusted devices before they can access the system. The results show that the proposed scheme generates a unique identifier for trusted devices and authenticates the devices. Furthermore, a machine learning–based real-time authentication scheme is proposed that enables runtime authentication and share the results of the time required for training and respective accuracy. 
    more » « less
  4. ; ; (, 2022 IEEE 10th International Conference on Healthcare Informatics (ICHI))
    Smart Internet of Healthcare Things (IoHT) have the potential to transform patient care dramatically at reduced cost. The reality, however, is that there are serious security and privacy concerns that prevent this goal from being accomplished. The vast amounts of data being generated need to be kept secure to prevent harm to patients' health and privacy. For example, a cyberattack on heart rates data could cause patients to be over- or under-prescribed, causing severe consequences, including death. In this new environment, not ensuring a proper digital chain of custody leads to digital forensics challenges that could impact a criminal or malpractice investigation. This project explores enhancements needed to ensure security and privacy when IoHT are to be used in healthcare. A model is proposed to ensure a secure digital chain of custody for IoHT using database auditing techniques. The current status of the proposed concept and future directions are also discussed. 
    more » « less
  5. ; ; ; (, International Symposium on Foundations and Applications of Blockchain)
    Securing blockchain smart contracts is difficult, especially when they interact with one another. Existing tools for reasoning about smart contract security are limited in one of two ways: they either cannot analyze cooperative interaction between contracts, or they require all interacting code to be written in a specific language. We propose an approach based on information flow control~(IFC), which supports fine-grained, compositional security policies and rules out dangerous vulnerabilities. However, existing IFC systems provide few guarantees on interaction with legacy contracts and unknown code. We extend existing IFC constructs to support these important functionalities while retaining compositional security guarantees, including reentrancy control. We mix static and dynamic mechanisms to achieve these goals in a flexible manner while minimizing run-time costs. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email