خلاصه
مقدمه
کارهای مرتبط
مدل سیستم
تجزیه و تحلیل امنیتی
سنجش عملکرد
خلاصه و آثار آینده
منابع
Abstract
Introduction
Related Works
System Model
Security Analysis
Performance Evaluation
Summary and Future Works
References
چکیده
فناوریهای متنوعی مانند یادگیری ماشینی و دادههای بزرگ، باعث رونق اینترنت اشیا (IoT) و گسترش همهجای دستگاههای IoT شدهاند. در نتیجه، طبیعی است که اینترنت اشیا به نیروی محرکه ای برای پاسخگویی به تقاضای فزاینده تراکنش های بدون اصطکاک تبدیل شود. برای ایمن سازی تراکنش ها در اینترنت اشیا، بلاک چین به طور گسترده ای مستقر شده است زیرا می تواند نیاز به یک مرجع مرکزی قابل اعتماد را برطرف کند. با این حال، پلتفرمهای پرداخت اینترنت اشیا مبتنی بر بلاک چین، که تحت سلطه الگوریتمهای اجماع اثبات کار (PoW) و اثبات سهام (PoS) هستند، با چندین چالش بزرگ امنیتی و مقیاسپذیری مواجه هستند که منجر به شکست سیستم و ضرر مالی میشود. در میان سه حمله پیشرو در این سناریو، حملات دوگانه خرج کردن و حملات دوربرد، نشانههای کاربران بلاک چین را تهدید میکنند، در حالی که حملات eclipse Denial of Service را هدف قرار میدهند. برای غلبه بر این حملات، یک زنجیره بلوکی مرتبط با دو جهته (BLB) با استفاده از توابع هش آفتاب پرست پیشنهاد شده است، که در آن نشانگرهای دو طرفه بین بلوک ها ساخته می شوند. علاوه بر این، یک الگوریتم جدید مزایده اعضای کمیته (CMA) برای بهبود امنیت و مقاومت در برابر حمله BLB طراحی شده است و در عین حال مقیاس پذیری بالا را تضمین می کند. در CMA، گره های بلاک چین توزیع شده اعضای کمیته را از طریق یک تابع تصادفی قابل تأیید انتخاب می کنند. این قرارداد هوشمند از طرح به اشتراک گذاری راز Shamir برای توزیع کلیدهای درب بین اعضای کمیته استفاده می کند. برای بررسی بهتر مقاومت BLB در برابر حملات دوگانه خرج کردن، تجزیه و تحلیل حمله Nakamoto بهبود یافته ارائه شده است. علاوه بر این، یک متریک آنتروپی اصلاح شده برای اندازهگیری مقاومت حمله گرفتگی در الگوریتمهای اجماع مختلف ابداع شده است. نتایج ارزیابی گسترده مقاومت برتر در برابر حملات را نشان میدهد و مقیاسپذیری بالای BLB را در مقایسه با پارادایمهای پیشرو فعلی مبتنی بر PoS و PoW نشان میدهد.
توجه! این متن ترجمه ماشینی بوده و توسط مترجمین ای ترجمه، ترجمه نشده است.
Abstract
Diverse technologies, such as machine learning and big data, have been driving the prosperity of the Internet of Things (IoT) and the ubiquitous proliferation of IoT devices. Consequently, it is natural that IoT becomes the driving force to meet the increasing demand for frictionless transactions. To secure transactions in IoT, blockchain is widely deployed since it can remove the necessity of a trusted central authority. However, the mainstream blockchain-based IoT payment platforms, dominated by Proof-of-Work (PoW) and Proof-of-Stake (PoS) consensus algorithms, face several major security and scalability challenges that result in system failures and financial loss. Among the three leading attacks in this scenario, double-spend attacks and long-range attacks threaten the tokens of blockchain users, while eclipse attacks target Denial of Service. To defeat these attacks, a novel bidirectional-linked blockchain (BLB) using chameleon hash functions is proposed, where bidirectional pointers are constructed between blocks. Furthermore, a new committee members auction (CMA) consensus algorithm is designed to improve the security and attack resistance of BLB while guaranteeing high scalability. In CMA, distributed blockchain nodes elect committee members through a verifiable random function. The smart contract uses Shamir’s secret-sharing scheme to distribute the trapdoor keys to committee members. To better investigate BLB’s resistance against double-spend attacks, an improved Nakamoto’s attack analysis is presented. In addition, a modified entropy metric is devised to measure eclipse attack resistance across different consensus algorithms. Extensive evaluation results show the superior resistance against attacks and demonstrate high scalability of BLB compared with current leading paradigms based on PoS and PoW.
Introduction
I NTERNET of Things (IoT) is experiencing a fast booming in recent years, along with which IoT devices are already ubiquitous, such as mobile devices, car terminals, wearable devices, etc. Not surprisingly, the proliferation of IoT devices meets the increasing demands of contactless payment via IoT devices, which attracts growing attention from both academia and industry [1], [2]. For example, Samsung has launched its IoT payment platform on smart and wearable devices, TVs, fridges, and even more. At the same time, automobile giants such as SAIC Motor have embedded their cars with a comprehensive mobile payment system. On account of the popularization of IoT devices, machine-to-machine (M2M) payment as a paradigm is playing an ever-growing important role in the IoT [3].
In M2M payments, centralized transaction management central has relatively poor performances due to the distributed nature of the IoT. Collecting all the transaction information to a central server causes incredibly massive communication overhead, which leads to delayed transactions and low efficient operation. Moreover, the centralized operation mode is vulnerable to single-point failure, while various man-in-themiddle attacks are unceasingly launched due to the financial value of transaction information. Thus, a decentralized and autonomous payment architecture better meets the needs of the IoT. Blockchain, as an emerging distributed ledger technology (DLT), is decentralized and allows for secure, anonymous, and immutable transactions [4]–[7]. Therefore, it is seen as one of the most promising solutions for M2M IoT payments.
Security Analysis
Since the security of the Chameleon hash scheme has been proved, including collision-resistant, message hiding, semantic security, and key-exposure-free [17], the security of the Chameleon hash can be guaranteed. While for the distribution of the trapdoor key, the correctness and security of the secretsharing scheme have also been proved based on Lagrange’s interpolation theorem [18]. Therefore, for the rest of this section, the security of the proposed model is analyzed from two aspects: 1) double-spend attack/long-range attack resistance and 2) eclipse attack resistance.
Both double-spend attacks and long-range attacks are caused by uncertainty about newly added blocks and the subsequent blocks. However, with the novel reverse pointer design, the subsequent direction of any block can be determined, i.e., starting from the genesis block, the entire chain is undisputed. Long-range attacks are completely ineffective against the proposed model. The only possible stage of the proposed model getting attacked by double spending is when generating the reverse pointers.