Conference:IEEE Transactions on Dependable and Secure Computing
CCF level:CCF A
Categories:网络与信息安全
Year:2025
18
Title:
A High-Throughput and Secure Coded Blockchain for IoT
一种用于物联网的高吞吐量安全编码区块链
Authors:****
Amirhossein Taherpour, Electrical Engineering Department, Columbia University, New York, NY, USA
Xiaodong Wang, Electrical Engineering Department, Columbia University, New York, NY, USA
Key words:
Blockchains, Internet Of Things, Throughput, Security, Scalability, Consensus Algorithm, Encoding, Secure Storage, Redundancy, Real Time Systems
区块链、物联网、吞吐量、安全性、可扩展性、共识算法、编码、安全存储、冗余、实时系统
Abstract:****
We propose a new coded blockchain scheme suitable for the Internet-of-Things (IoT) network. In contrast to existing works for coded blockchains, especially blockchain-of-things, the proposed scheme is more realistic, practical, and secure while achieving high throughput. This is accomplished by: 1) modeling the variety of transactions using a reward model, based on which an optimization problem is solved to select transactions that are more accessible and cheaper computational-wise to be processed together; 2) a transaction-based and lightweight consensus algorithm that emphasizes on using the minimum possible number of miners for processing the transactions; and 3) employing the raptor codes with linear-time encoding and decoding which results in requiring lower storage to maintain the blockchain and having a higher throughput. We provide detailed analysis and simulation results on the proposed scheme and compare it with the state-of-the-art coded IoT blockchain schemes including Polyshard and LCB, to show the advantages of our proposed scheme in terms of security, storage, decentralization, and throughput.
我们提出了一种适用于物联网(IoT)网络的新型编码区块链方案。与现有的编码区块链方案(特别是物联网区块链)相比,我们提出的方案更加现实、实用且安全,同时还能实现高吞吐量。这主要通过以下方式实现:1)使用奖励模型对各种交易进行建模,并基于此解决一个优化问题,以选择更容易访问且计算成本更低的交易进行批量处理;2)一种基于交易的轻量级共识算法,该算法强调使用尽可能少的矿工来处理交易;3)采用具有线性时间编码和解码的Raptor码,从而降低维护区块链所需的存储空间并提高吞吐量。我们对提出的方案进行了详细的分析和仿真,并将其与包括Polyshard和LCB在内的现有先进物联网编码区块链方案进行了比较,以展示我们提出的方案在安全性、存储、去中心化和吞吐量方面的优势。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/04/10852554/23LwJ5grKPC
19
Title:
Multi-Signature and Game Based Blockchain Interoperability Oracle
基于多重签名和游戏的区块链互操作性预言机
Authors:****
Zhiwei Wang, School of Computer Sciences, Nanjing University of Posts and Telecommunications, Nanjing, China
Siuming Yiu, Department of Computer Sciences, University of Hong Kong, Hong Kong
Longwen Lan, Huawei Technologies Company Ltd., Shenzhen, China
Key words:
Blockchains, Smart Contracts, Interoperability, Public Key, Costs, Security, Robustness, Aggregates, Training, Data Mining, Decentralization Oracle, Subgroup Multisignature
区块链、智能合约、互操作性、公钥、成本、安全性、鲁棒性、聚合、训练、数据挖掘、去中心化预言机、子群多重签名
Abstract:****
To solve the problem of blockchain interoperability, we propose an efficient decentralization oracle solution. We design a subgroup Schnorr multisignature for the off-chain aggregation mechanism of our system, which is proven to be secure and robust. Compared with threshold signature-based schemes, the subgroup multisignature-based scheme does not require the execution of the distributed key generation protocol, which greatly reduces off-chain costs. The on-chain verification of the Schnorr signature is also more efficient than the pairing-based signatures. Then, we design a fair incentive mechanism to encourage the oracle nodes to work hard to validate the external data, which is based on a repeated dynamic game. Compared with the existing incentive mechanisms, our mechanism considers the real actions of each node to determine whether it should be rewarded or penalized. We implement our system over the Ethereum blockchain, and the experiments show its good performance.
为了解决区块链互操作性问题,我们提出了一种高效的去中心化预言机解决方案。我们为系统的链下聚合机制设计了一种子群Schnorr多重签名方案,并证明了其安全性和鲁棒性。与基于阈值签名的方案相比,基于子群多重签名的方案无需执行分布式密钥生成协议,从而大大降低了链下成本。此外,Schnorr签名的链上验证也比基于配对的签名更加高效。我们还设计了一种基于重复动态博弈的公平激励机制,以鼓励预言机节点积极验证外部数据。与现有激励机制相比,我们的机制会考虑每个节点的实际行为来决定是否对其进行奖励或惩罚。我们在以太坊区块链上实现了该系统,实验结果表明其性能良好。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/04/10887331/24kJ6lj03CM
20
Title:
CAPE: Commitment-Based Privacy-Preserving Payment Channel Scheme in Blockchain
CAPE:基于承诺的区块链隐私保护支付通道方案
Authors:****
Keke Gai, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Yunwei Guo, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Jing Yu, School of Information Engineering, Minzu University of China, Beijing, China
Weilin Chan, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Liehuang Zhu, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Yinqian Zhang, Department of Computer Science and Engineering, Southern University of Science and Technology, Shenzhen, China
Weizhi Meng, School of Computing and Communications, Lancaster University, U.K.
Key words:
Blockchains, Privacy, Security, Scalability, Bitcoin, Electronic Mail, Training, Reviews, Protection, Proposals, Payment Channel, Privacy Preserving, Zero Knowledge Proof,
区块链、隐私、安全、可扩展性、比特币、电子邮件、培训、评论、保护、提案、支付通道、隐私保护、零知识证明
Abstract:****
Ensuring scalability in cryptocurrency systems is significant in guaranteeing real-world utility along with the remarkable increment of cryptographic currency. As an alternative in solving scalability issue, payment channel allows users to deliver extensive offline transactions without uploading massive transaction details to the blockchain, such that increasing efficiency can be achieved. However, the implementation of payment channel still encounters privacy concerns when considering the publicly available transaction amounts and the potentials in mining associations between transaction parties. In this paper, we propose a novel payment channel scheme, entitled Commitment-based Anonymous Payment ChannEl (CAPE), to facilitate unlimited off-chain bidirectional payments while guaranteeing participants' privacy. The proposed scheme adopts zero-knowledge proof (zk-SNARKs) and verifiable timed (VTD) commitments to ensure the anonymity of the relationship between on-chain and off-chain transactions, privacy of transaction amounts, and security of balances. We comprehensively formalize security definitions and present rigorous proofs for each security attribute. Experiment results further demonstrate the practical viability of CAPE.
确保加密货币系统的可扩展性对于保障其在现实世界中的实用性以及加密货币的显著增长至关重要。作为解决可扩展性问题的替代方案,支付通道允许用户进行大量的离线交易,而无需将大量的交易细节上传到区块链,从而提高效率。然而,在考虑交易金额的公开性以及交易双方之间可能存在的关联性时,支付通道的实现仍然面临隐私问题。在本文中,我们提出了一种名为基于承诺的匿名支付通道(CAPE)的新型支付通道方案,旨在促进无限量的链下双向支付,同时保障参与者的隐私。该方案采用零知识证明(zk-SNARKs)和可验证时间延迟(VTD)承诺,以确保链上和链下交易之间关系的匿名性、交易金额的隐私性以及余额的安全性。我们对安全定义进行了全面的形式化,并对每个安全属性提供了严格的证明。实验结果进一步证明了 CAPE 的实际可行性。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/04/10891507/24pHTUZPmxO
21
Title:
A Moving Target DDoS Defense Approach in Consortium Blockchain
联盟区块链中基于动态目标的DDoS防御方法
Authors:****
Keke Gai, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Guolei Zhang, School of Computer Science and Technology, Beijing Institute of Technology, Beijing, China
Peng Jiang, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Liehuang Zhu, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Kim-Kwang Raymond Choo, Department of Information Systems and Cyber Security and Department of Electrical and Computer Engineering, University of Texas at San Antonio, San Antonio, TX, USA
Key words:
Blockchains, Computer Crime, Organizations, Denial Of Service Attack, Peer To Peer Computing, Costs, Collaboration, Floods, Synchronization
区块链、计算机犯罪、组织机构、拒绝服务攻击、对等计算、成本、协作、洪水攻击、同步
Abstract:****
Although consortium blockchain has an identification mechanism, the captured internal clients are potentially threatening internal blockchain nodes. Internal Distributed Denial-of-Service (DDoS) attacks threaten the specific nodes in consortium blockchain, e.g., the executor, consensus, and committer nodes. Typical attack methods may include SYN Flooding and ACK Flooding and deny normal transaction service by sending many invalid transactions and blocks. In this work, we have proposed an organization collaboration-based DDoS defense approach and a Deep Q-learning (DQN)-based Moving Target Defense (MTD) for changing attack surface of victims in consortium blockchain. On one hand, contracts are used to synchronize attack information obtained from organizations, e.g., bots' IP addresses and public keys. On the other hand, we have developed a DQN-based MTD defense mechanism for organizations to change the attack surface of victims in order to mitigate the malicious traffic, in the case of missing detections of bots. Our approach applies a multi-stage game to reflect interactions between attackers and defenders. The evaluation results have demonstrated that our approach could effectively mitigate DDoS attacks in consortium blockchain.
尽管联盟链具有身份识别机制,但被攻击者控制的内部客户端仍然可能威胁到联盟链的内部节点。内部分布式拒绝服务(DDoS)攻击会威胁联盟链中的特定节点,例如执行节点、共识节点和提交节点。典型的攻击方法包括 SYN 洪水攻击和 ACK 洪水攻击,以及通过发送大量无效交易和区块来拒绝正常的交易服务。在本文中,我们提出了一种基于组织协作的 DDoS 防御方法和一种基于深度 Q 学习(DQN)的移动目标防御(MTD)方法,用于改变联盟链中受害者的攻击面。一方面,我们使用智能合约来同步从各个组织获取的攻击信息,例如僵尸网络的 IP 地址和公钥。另一方面,我们开发了一种基于 DQN 的 MTD 防御机制,使组织能够改变受害者的攻击面,从而在未能检测到僵尸网络的情况下减轻恶意流量。我们的方法采用多阶段博弈来反映攻击者和防御者之间的交互。评估结果表明,我们的方法可以有效地缓解联盟链中的 DDoS 攻击。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/04/10908091/24HXX8EHbTq
22
Title:
Decentralized and Fair Trading Via Blockchain: The Journey So Far and the Road Ahead
通过区块链实现去中心化和公平交易:迄今为止的进展和未来的发展方向
Authors:****
Hao Zeng, School of Computer Science, Northwestern Polytechnical University, Xi'an, China
Helei Cui, School of Computer Science, Northwestern Polytechnical University, Xi'an, China
Man Li, School of Computer Science, Northwestern Polytechnical University, Xi'an, China
Bo Zhang, School of Computer Science, Northwestern Polytechnical University, Xi'an, China
Chengjun Cai, City University of Hong Kong (Dongguan), Dongguan, China
Zhiwen Yu, Northwestern Polytechnical University, Xi'an, China
Bin Guo, School of Computer Science, Northwestern Polytechnical University, Xi'an, China
Key words:
Blockchains, Smart Contracts, Security, Privacy, Reliability Engineering, Bitcoin, Electronic Mail, Consensus Protocol, Training, Surveys, Decentralized Fair Trading,
区块链、智能合约、安全、隐私、可靠性工程、比特币、电子邮件、共识协议、培训、调查、去中心化公平交易
Abstract:****
Centralized trading platforms have long been the preferred choice for users, despite growing concerns regarding data privacy. Users have to place their trust in these platforms and provide sensitive personal information, like identities and financial accounts. However, these centralized platforms often lack transparency, making it challenging to ensure fairness, privacy, and security against both external and internal risks. In contrast, a decentralized fair trading paradigm, harnessing the potential of blockchain technology, is rapidly emerging. It empowers individuals to engage in the exchange of digital assets with others while guaranteeing fairness, efficiency, and privacy. In this paper, we conduct a comprehensive survey of decentralized fair trading. We commence by providing fundamental definitions of fair trading and tracing its evolution over time. We then delve into the essential framework of on-chain and off-chain trading and highlight key improvements that enhance the efficiency of decentralized fair trading within various application scenarios. Furthermore, we undertake a thorough analysis of privacy and security enhancements within the scope, summarizing defenses against known attacks. Finally, we outline the challenges and offer insights into the future prospects of decentralized fair trading, with the aim of inspiring the development of more innovative and promising designs in this evolving trend.
尽管人们对数据隐私的担忧日益加剧,但中心化交易平台长期以来一直是用户的首选。用户必须信任这些平台,并提供敏感的个人信息,例如身份信息和金融账户信息。然而,这些中心化平台往往缺乏透明度,难以确保交易的公平性、隐私性和安全性,也难以抵御来自外部和内部的风险。相比之下,一种利用区块链技术潜力的去中心化公平交易模式正在迅速兴起。它使个人能够与其他用户进行数字资产交易,同时保证公平性、效率和隐私。本文对去中心化公平交易进行了全面综述。我们首先提供了公平交易的基本定义,并追溯了其发展历程。然后,我们深入探讨了链上和链下交易的基本框架,并重点介绍了在各种应用场景下提高去中心化公平交易效率的关键改进措施。此外,我们还对该领域的隐私和安全增强措施进行了深入分析,并总结了针对已知攻击的防御措施。最后,我们概述了去中心化公平交易面临的挑战,并对其未来发展前景提出了见解,旨在激发人们在这个不断发展的趋势中设计出更具创新性和前景的方案。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/04/10908867/24MWAvwxAKQ