RSA Accumulator Research Articles

Counter: A Novel Scheme Ensuring Compliance and Privacy in Cryptocurrency-Based Blockchain

An extremely secure cryptocurrency, commonly known as the Decentralized Anonymous Payment System (DAP), stands as one of the most innovative and widely embraced applications in the field of blockchain. Although the DAP provides a strong degree of transaction privacy and user anonymity, it has been utilized illegally in criminal activities, constituting security challenges to governments and financial institutions. In this paper, we propose a solution known as Counter: A Novel Scheme Ensuring Compliance and Privacy in Cryptocurrency-Based Blockchain, which aims to preserve transaction privacy while providing governments with supervision and enforcing regulations over transactions. Our suggested counter imposed limitations on the transfer of large amounts of cryptocurrencies and also imposed a restriction on the trading of cryptocurrencies during specific time periods. The principal feature of our proposed system involves employing the Order-Preserving Encryption (OPE) and Pedersen Commitment to implement a financial policy ensuring that the transferred amount remains within the allowed range and does not exceed the limit. Besides, we utilized the Unix timestamp to guarantee that the transaction is carried out within the allowed date and time frame. We utilized the RSA accumulator to provide government supervision and enforce regulations. Our suggested counter employs the combination of the ring signature, Pedersen Commitment, and stealth address to protect transaction privacy. Our system fulfills all the security requirements for organizing digital assets that have been defined by international financial institutions and authorities. Finally, the assessment shows that our system is effective and efficient compared to other systems.

Enabling Privacy-Preserving and Efficient Authenticated Graph Queries on Blockchain-Assisted Clouds

Prior research has introduced a new scenario of blockchain-assisted clouds where the data owner outsources original data to cloud servers and stores some metadata on the blockchain. Despite some research on key-value query and range query in this hybrid-storage scenario, other more complicated data types are not yet supported. In this paper, we conduct pioneering research on authenticated queries for graph data, which is a popular data type such as the knowledge graph data, on the blockchain-assisted cloud. The primary challenge is how to design an authenticated data structure (ADS) that supports authenticated queries and can be easily maintained by the blockchain. To this end, we propose a novel ADS, named PAGB, based on the RSA accumulator and completeness set. It can also prevent the original data from being revealed to the public through blockchain or irrelevant queries. We further optimize our design to be more efficient in terms of communication and computation. The effectiveness and efficiency of PAGB are verified through theoretical analysis and extensive experiments.

Blockchain based secure relay scheme for space-terrestrial integrated networks

The future 6G networks will integrates space and terrestrial networks to realize a fully connected world with extensive collaboration. However, how to build trust between multiple parties is a difficult problem for secure cooperation without a reliable third-party. Blockchain is a promising technology to solve this problem by converting the trust between multi-parties to the trust to the common shared data. Several works have proposed to apply the incentive mechanism in blockchain to encourage effective cooperation, but how to evaluate the cooperation performance and avoid breach of contract is not discussed. In this paper, a secure relay scheme is proposed based on the consortium blockchain system composed by different operators. In particular, smart contract checks the integrity of the message based on RSA accumulator, and executes transactions automatically when the message is delivered successfully. Detailed procedures are introduced for both uplink and downlink relay. Implementation based on Hyper-ledger Fabric proves the effectiveness of the proposed scheme and shows that the complexity of the scheme is low enough for practical deployment.

Verifiable and Dynamic Multi-Keyword Search Over Encrypted Cloud Data Using Bitmap

Searchable Symmetric Encryption (SSE), which enables users to search over encrypted data without decryption, has gained increasing attention from both academic and industrial fields. However, existing SSE schemes either have low search efficiency or cannot support multi-keyword search, dynamic updates, and result verification simultaneously. To solve these problems, we propose a Verifiable and Dynamic Multi-keyword Search (VDMS) scheme over encrypted data by using the bitmap and RSA accumulator, which provides multi-keyword search over encrypted data in an efficient, verifiable and updated way. The bitmap is used as a data structure to build the indexes, which improves the search efficiency and reduces the storage space of the indexes. The RSA accumulator and bitmap are combined to verify the correctness of results. Formal security analysis proves that our VDMS is adaptively secure against Chosen-Keyword Attacks (CKA), and empirical experiments using a real-world dataset demonstrate that our VDMS is efficient and feasible in practical applications.

Study on novel cross-chain mechanism in internet healthcare environment

The scalability and interoperability of traditional blockchain can hardly meet the value delivery of multiple systems in internet healthcare. Therefore, to enable the interaction of values between heterogeneous blockchains, we propose a cross-chain mechanism based on a generic global relay chain strategy and a scalable heterogeneous multi-chain system. Also, an unused transaction output (UTXO) verification mechanism based on RSA accumulator is proposed to address the shortcomings of using simplified payment verification (SPV) to verify transactions. In this paper, five experimental tests were performed: pressure, stability, response time, throughput, and latency. Experiments show that its computational complexity for cross-chain transaction validation remains constant as the number of transactions increases. Thus, an efficient cross-chain value transfer is achieved.

L2chain

With the rapid development of blockchain, the concept of decentralized applications (DApps), built upon smart contracts, has attracted much attention in academia and industry. However, significant issues w.r.t. system throughput, transaction confidentiality, and the security guarantee of the DApp transaction execution and order correctness hinder the border adoption of blockchain DApps. To address these issues, we propose L2chain, a novel blockchain framework aiming to scale the system through a layer-2 network where DApps process transactions in the layer-2 network and only the system state digest, acting as the state integrity proof, is maintained on-chain. To achieve high performance, we introduce the split-execute-merge (SEM) transaction processing workflow with the help of the RSA accumulator, allowing DApps to lock and update a part of the state digest in parallel. We also design a witness cache mechanism for DApp executors to reduce the transaction processing latency. To fulfill confidentiality, we leverage the trusted execution environment (TEE) for DApps to execute encrypted transactions off-chain. To ensure transaction execution and order correctness, we propose a two-step execution process for DApps to prevent attacks ( i.e. , rollback attacks) from subverting the state transition. Extensive experiments have demonstrated that L2chain can achieve 1.5X to 42.2X and 7.1X to 8.9X throughput improvements in permissioned and permissionless settings respectively.

Blockchain state channels with compact states through the use of RSA accumulators

One of the major concerns regarding currently proposed public blockchain systems relates to the feasible transaction processing rate. It is common for such systems to limit this rate to maintain the required levels of security and decentralisation. State channels are an approach to overcome this limitation, as they aim to decrease the required on-chain transactions for a given application and thus indirectly increase the capacity (in terms of applications) of public blockchain systems. In the present paper, we propose a state channel design that, through the use of RSA accumulators, operates on a compact state structure. This scheme is optimal for applications whose state includes large sets of elements. The novel state channel design is presented by analysing all state channel operations and how they have to be revised. The security of the design is discussed, while a practical use case scenario regarding the use of the design for an on-chain asset (e.g., non-fungible tokens) exchange application is also analysed.

A Privacy-Preserving Framework for Endorsement Process in Hyperledger Fabric

Hyperledger Fabric is a permissioned flavor of blockchain which offers various privacy features to its users. It stands out from other permissioned framework by allowing only a subset of peers called endorsing peers to execute the chaincode. This subset is given in the form of logical expression called endorsement policy. During the validation phase, every peer checks the transaction for desired endorser signatures against the endorsement policy. There are various attacks and privacy risks involved in disclosing the endorser signature and endorsement policy.In this paper we provide a framework for a secure endorsement system in Hyperledger Fabric. An efficient linkable threshold ring signature scheme is constructed, with a ZK-SNARK set membership proof, to secure the endorsements made by the endorsers. The endorsement policy is obfuscated by employing a recent construction of universal RSA accumulators and the individual membership proofs are batched through a non-interactive proof of exponentiation technique for efficient validation. We provide formal security definitions and proofs for the proposed framework.

Redactable Blockchain From Decentralized Chameleon Hash Functions

Blockchain is a technology with decentralization and immutability features and has been employed for auditing by many applications. However, immutability sometimes limits the application of blockchain technology. For example, vulnerable smart contracts on blockchain cannot be redacted due to immutability. The existing redactable blockchain solutions either have a low efficiency or violate the decentralization feature. Moreover, those solutions lack mechanisms for tracing redaction history and checking block consistency. In this paper, we present an efficient redactable blockchain with traceability in the decentralized setting. Specifically, we propose a decentralized chameleon hash function for redactable blockchain that every redaction must be approved by multiple blockchain nodes. We also design a redactable blockchain structure that maintains all redactions of a block and encodes the redacted blocks into an RSA accumulator. Then, we propose an efficient block consistency check protocol based on the RSA accumulator. Finally, we conduct experiments and compare our scheme with another decentralized redactable blockchain to demonstrate that our solution is efficient in practice.

Towards Dynamic Verifiable Pattern Matching

Verifiable pattern matching enables users to obtain authenticated query results over outsourced data on an untrusted remote server. It is a fundamental problem in many security-critical big data applications, including big database search, human genome data search, text search, etc., especially when these applications are outsourced to third-party clouds. However, the state-of-the-art schemes do not yet support efficient data updates. In this work, we propose the first dynamic verifiable pattern matching scheme to support efficient data updates. The proposed scheme is built on two ideas: one is to embed unique randomness to decouple the character and its index in the outsourced data, enabling efficient data updates; the other is to reduce the verifiable pattern matching problem to a discrete set membership testing problem, which relies on the decoupling introduced in the first idea. Based on these two ideas, the proposed scheme first employs the suffix array index structure to search pattern matching queries. The scheme then authenticates the outsourced text using a newly designed authenticated data structure based on the RSA accumulator, which guarantees the verifiability of pattern matching query results. Data update is naturally supported using the RSA accumulator working on discrete sets. Based on the proposed design, we have prototyped a proof-of-concept for the proposed scheme and have conducted an extensive experimental evaluation. In addition to supporting efficient data update, our experimental results show that the proposed scheme incurs reduced verification cost in comparison with the baseline state-of-the-art scheme.

Integrity Verification Mechanism of Sensor Data Based on Bilinear Map Accumulator

With the explosive growth in the number of IoT devices, ensuring the integrity of the massive data generated by these devices has become an important issue. Due to the limitation of hardware, most past data integrity verification schemes randomly select partial data blocks and then perform integrity validation on those blocks instead of examining the entire dataset. This will result in that unsampled data blocks cannot be detected even if they are tampered with. To solve this problem, we propose a new and effective integrity auditing mechanism of sensor data based on a bilinear map accumulator. Using the proposed approach will examine all the data blocks in the dataset, not just some of the data blocks, thus, eliminating the possibility of any cloud manipulation. Compared with other schemes, our proposed solution has been proved to be highly secure for all necessary security requirements, including tag forgery, data deletion, replacement, replay, and data leakage attacks. The solution reduces the computational and storage costs of cloud storage providers and verifiers, and also supports dynamic operations for data owners to insert, delete, and update data by using a tag index table (TIT). Compared with existing schemes based on RSA accumulator, our scheme has the advantages of fast verification and witness generation and no need to map data blocks to prime numbers. The new solution supports all the characteristics of a data integrity verification scheme.

MiniChain: A lightweight protocol to combat the UTXO growth in public blockchain

The current UTXO-based blockchains require the validators to keep the entire ever-growing UTXO set to verify transactions, which is unsuitable for ordinary machines since they occupy a large size of RAM in the long run, resulting in network centralizations. Recently, stateless blockchain technology has been proposed which uses the accumulator to combine the large UTXO set into one short, constant-sized commitment. However, the UTXO commitments in these methods are inefficient since the UXTO set is required dynamic addition and removal of elements as transactions are processed. In this work, we propose MiniChain, which replaces the UTXO set with two append-only data structures: STXO (Spent Transaction Outputs) set and TXO (Transaction Outputs) set. Thus, a valid UTXO must belong to the TXO set, but not in STXO set. Then, we construct a novel STXO commitment and TXO commitment by using a trapdoor-less RSA accumulator and a Merkle Mountain Range (MMR) respectively, greatly increasing the efficiency of accumulator. Besides, we introduce a cache mechanism, by storing the STXOs of latest N blocks, the transaction proof can be kept alive for a period of time, avoiding constantly recomputing proofs for unaccepted transactions. Our evaluation shows that (i) MiniChain only needs a fixed-size RAM and the disk usage grows very slow since only the block headers are stored; (ii) comparing to the state-of-the-art work, the performance of the accumulator update has been improved from O(n2) to O(n), enabling MiniChain to support a higher TPS.

A blockchain based decentralized data security mechanism for the Internet of Things

The Internet of Things (IoT) is the core infrastructure of the smart city information system. With the explosive growth of IoT devices, how to securely maintain the important data generated by IoT devices has become an important issue. In the conventional IoT-cloud based infrastructure, the sensitive IoT data was stored in a third cloud service provider. However, in such a manner, the private IoT data may be disclosed by the cloud server since the cloud server knows all the data stored in it. This paper, for the first time, proposes a decentralized secure mechanism based on the blockchain technique to store the important data generated in the IoT system. This mechanism effectively solves the data reliability, security and privacy issues that may be encountered in the conventional IoT-cloud system. Considering the defects of simplified payment verification used by light nodes in blockchain networks, this paper proposes an Unspent Transaction Output (UTXO) verification mechanism based on the RSA accumulator, which makes the computational complexity of light nodes to generate and verify the UTXO proof to be constant. The proposed mechanism not only provides proof of inclusion but also supports efficient proof of exclusion for a lightweight node. Our experiment results indicate that the proposed scheme is practical and efficient.

Blockchain-Based Searchable Encryption Scheme With Fair Payment

In order to solve the problem that most of the existing blockchain-based searchable encryption schemes only support exact keyword search and mutual distrust between the cloud server and the user, a searchable encryption scheme based on blockchain, that has functions such as file update dynamically, search results verification, fuzzy keyword search, and fair payment, is proposed. We use edit distance to generate the fuzzy keywords set. According to the un-modification characteristic of Ethereum blockchain and the security of the RSA accumulator, our scheme can verify the search results by the smart contract and realize the service-payment fairness between the user and the cloud server. The security analysis shows that the proposed scheme achieves non-adaptive semantic security. Performance analysis and experiment show that our scheme is efficient and meets the demand of search application in the cloud environment.

Blockchain-Based Data Storage Mechanism for Industrial Internet of Things

With the development of the Industrial Internet of Things and the continuous expansion of application scenarios, many development bottlenecks have followed. Its data security issue has become an obstacle to its widespread application. It has attracted substantial attention from both academia and industry. Blockchain technology has the characteristics of decentralization, openness and transparency and non-tampering. It has natural advantages in solving the security of the Industrial Internet of Things. Accordingly, this paper first analyzes the security risks associated with data storage in the Industrial Internet of Things and proposes the use of blockchain technology to ensure the secure storage of data in the Industrial Internet of Things. In traditional blockchains, the data layer uses Merkle hash trees to store data; however, the Merkle hash tree not able to provide non-member proof, which makes it unable to resist attacks from malicious nodes in the network. To solve this problem, this paper replaces the Merkle hash tree with a password accumulator to provide member proof and non-member proof. Moreover, the existing accumulators have trapdoors and cannot be updated in batches, and unable to meet the blockchain’s expansion requirements. This paper presents an improved RSA accumulator and gives the definition of the accumulator. Finally, this paper uses RSA to construct a batch update accumulator scheme without trapdoor, and shows that the scheme is feasible through correctness and security

Group-based fast data packet attribute authentication in the reconfigurable networks

AbstractThe reconfigurable networks in the Chinese national basic research project- Flexible Architecture of Reconfigurable Infrastructure can adjust its own structure to provide better services for applications according to their transactional attributes and is compatible with today’s networks. Data packet authentication is necessary to guarantee that precious resources in the reconfigurable networks couldn’t be abused. In this paper, we propose a novel fast data packet authentication scheme for the reconfigurable networks based on the attribute based signature and RSA accumulator. In our scheme, packets are organized and authenticated in groups. Every group only needs one signature to guarantee the authenticity of the first packet, and other packets in the group can be verified using the membership witness of RSA accumulator embedded in the packet. The proposed scheme can greatly reduce the generation and verification time of the packet authentication information. Simulation results demonstrate the prac...

Towards Building Forensics Enabled Cloud Through Secure Logging-as-a-Service

Collection and analysis of various logs (e.g., process logs, network logs) are fundamental activities in computer forensics. Ensuring the security of the activity logs is therefore crucial to ensure reliable forensics investigations. However, because of the black-box nature of clouds and the volatility and co-mingling of cloud data, providing the cloud logs to investigators while preserving users' privacy and the integrity of logs is challenging. The current secure logging schemes, which consider the logger as trusted cannot be applied in clouds since there is a chance that cloud providers (logger) collude with malicious users or investigators to alter the logs. In this paper, we analyze the threats on cloud users' activity logs considering the collusion between cloud users, providers, and investigators. Based on the threat model, we propose Secure-Logging-as-a-Service ( SecLaaS), which preserves various logs generated for the activity of virtual machines running in clouds and ensures the confidentiality and integrity of such logs. Investigators or the court authority can only access these logs by the RESTful APIs provided by SecLaaS, which ensures confidentiality of logs. The integrity of the logs is ensured by hash-chain scheme and proofs of past logs published periodically by the cloud providers. In prior research, we used two accumulator schemes Bloom filter and RSA accumulator to build the proofs of past logs. In this paper, we propose a new accumulator scheme - Bloom-Tree, which performs better than the other two accumulators in terms of time and space requirement.

Authenticated Hash Tables Based on Cryptographic Accumulators

Suppose a client stores \(n\) elements in a hash table that is outsourced to an untrusted server. We address the problem of authenticating the hash table operations, where the goal is to design protocols capable of verifying the correctness of queries and updates performed by the server, thus ensuring the integrity of the remotely stored data across its entire update history. Solutions to this authentication problem allow the client to gain trust in the operations performed by a faulty or even malicious server that lies outside the administrative control of the client. We present two novel schemes that implement an authenticated hash table. An authenticated hash table exports the basic hash-table functionality for maintaining a dynamic set of elements, coupled with the ability to provide short cryptographic proofs that a given element is a member or not of the current set. By employing efficient algorithmic constructs and cryptographic accumulators as the core security primitive, our schemes provide constant proof size, constant verification time and sublinear query or update time, strictly improving upon previous approaches. Specifically, in our first scheme which is based on the RSA accumulator, the server is able to construct a (non-)membership proof in constant time and perform updates in \(O\left( n^{\epsilon }\log n\right) \) time for any fixed constant \(0<\epsilon <1\). A variation of this scheme achieves a different trade-off, offering constant update time and \(O(n^{\epsilon })\) query time. Our second scheme uses an accumulator based on bilinear pairings to achieve \(O(n^{\epsilon })\) update time at the server while keeping all other complexities constant. A variation of this scheme achieves \(O(n^{\epsilon }\log n)\) time for queries and constant update time. An experimental evaluation of both solutions shows their practicality.

Authenticated Dictionaries

Authenticated dictionaries are a widely discussed paradigm to enable verifiable integrity for data storage on untrusted servers, such as today’s widely used “cloud computing” resources, allowing a server to provide a “proof,” typically in the form of a slice through a cryptographic data structure, that the results of any given query are the correct answer, including that the absence of a query result is correct. Persistent authenticated dictionaries (PADs) further allow queries against older versions of the structure. This research presents implementations of a variety of different PAD algorithms, some based on Merkle tree-style data structures and others based on individually signed “tuple” statements (with and without RSA accumulators). We present system throughput benchmarks, indicating costs in terms of time, storage, and bandwidth as well as considering how much money would be required given standard cloud computing costs. We conclude that Merkle tree PADs are preferable in cases with frequent updates, while tuple-based PADs are preferable with higher query rates. For Merkle tree PADs, red-black trees outperform treaps and skiplists. Applying Sarnak-Tarjan’s versioned node strategy, with a cache of old hashes at every node, to red-black trees yields the fastest Merkle tree PAD implementation, notably using half the memory of the more commonly used mutation-free path copying strategy. For tuple PADs, although we designed and implemented an algorithm using RSA accumulators that offers constant update size, constant storage per update, constant proof size, and sublinear computation per update, we found that RSA accumulators are so expensive that they are never worthwhile. We find that other optimizations in the literature for tuple PADs are more cost-effective.

Practical Broadcast Encryption from Graph-Theoretic Techniques and Subset-Incremental-Chain Structure

We present generic frameworks for constructing efficient broadcast encryption schemes in the subset-cover paradigm, introduced by Naor et al., based on various key derivation techniques. Our frameworks characterize any instantiation completely to its underlying graph decompositions, which are purely combinatorial in nature. These abstract away the security of each instantiated scheme to be guaranteed by the generic one of the frameworks; thus, give flexibilities in designing schemes. Behind these, we present new techniques based on (trapdoor) RSA accumulators utilized to obtain practical performances. We then give some efficient instantiations from the frameworks, via a new structure called subset-incremental-chain. Our first construction improves the currently best schemes, including the one proposed by Goodrich et al., without any further assumptions (only pseudo-random generators are used) by some factors. The second instantiation, which is the most efficient, is instantiated based on RSA and directly improves the first scheme. Its ciphertext length is of order O(r), the key size is O(1), and its computational cost is O(n1/klog2n) for any (arbitrary large) constant k; where r and n are the number of revoked users and all users respectively. To the best of our knowledge, this is the first explicit collusion-secure scheme in the literature that achieves both ciphertext size and key size independent of n simultaneously while keeping all other costs efficient, in particular, sub-linear in n. The third scheme improves Gentry and Ramzan's scheme, which itself is more efficient than the above schemes in the aspect of asymptotic computational cost.