Abstract
Accountability is a fundamental after-the-fact approach to detect and punish illegal actions during the execution of a warrant for accessing users’ sensitive data. To achieve accountability in a security protocol, a trusted authority is required, denoted as judge, to faithfully cooperate with the rest of the entities in the system. However, malicious judges or uncooperative protocol participants may void the accountability mechanism in practice, for example by fabricating fake evidence or by refusing to provide any evidence at all. To provide remediation to these issues, in this paper we propose Fialka, a novel accountable decryption system based on privacy-preserving smart contracts (PPSC). The neutrality that is inherent to a secure blockchain platform is inherited by PPSC which are then used in our approach as an accountable key manager as well as a transparent judge. To the best of our knowledge, we present the first PPSC-based accountable decryption system to increase the transparency of warrant execution with formal definitions and proofs. Furthermore, we provide and evaluate a prototype implementation using the PPSC-enabled platform Oasis Devnet, which additionally demonstrates the feasibility of Fialka.
Notes
- 1.
A demo site and reference source code are accessible at http://www.fialka.top.
- 2.
\(\mathsf {Trans}\) (\(\mathbf {Transfer}\) algorithm) calculates the investigator’s key and it belongs to \(\mathsf {WDec}\).
- 3.
Estimates on real value of gas cost are omitted, since the Oasis token has not been officially released at the time of writing.
References
Oasis Labs: A safer way to use data (2020). https://www.oasislabs.com/
Origo: the privacy preserving platform for decentralized applications (2020). https://origo.network/
Alder, F., Asokan, N., et al.: S-FAAS: Trustworthy and accountable function-as-a-service using intel SGX. In: CCSW 2019, pp. 185–199 (2019)
Azaria, A., Ekblaw, A., Vieira, T.: MedRec: using blockchain for medical data access and permission management. In: OBD 2016, pp. 25–30. IEEE (2016)
Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28628-8_3
Bünz, B., Agrawal, S., Zamani, M., Boneh, D.: Zether: Towards privacy in a smart contract world. In: FC 2020 (2020)
Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: FOCS 2001, pp. 136–145. IEEE (2001)
Cheng, R., et al.: Ekiden: a platform for confidentiality-preserving, trustworthy, and performant smart contracts. In: EuroSP 2019, pp. 185–200. IEEE (2019)
Contractor, D., Patel, D.R.: Accountability in cloud computing by means of chain of trust. IJ Network Secur. 19(2), 251–259 (2017)
Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptol. ePrint Archive 2016(086), 1–118 (2016)
Goyal, V., Lu, S., Sahai, A., Waters, B.: Black-box accountable authority identity-based encryption. In: ACM CCS 2008, pp. 427–436. ACM (2008)
Guo, H., Zhang, Z., Xu, J., Xia, M.: Generic traceable proxy re-encryption and accountable extension in consensus network. In: Sako, K., Schneider, S., Ryan, P.Y.A. (eds.) ESORICS 2019. LNCS, vol. 11735, pp. 234–256. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-29959-0_12
Juels, A., Kosba, A., Shi, E.: The ring of GYGES: investigating the future of criminal smart contracts. In: ACM CCS 2016, pp. 283–295. ACM (2016)
Kaaniche, N., Laurent, M.: A blockchain-based data usage auditing architecture with enhanced privacy and availability. In: NCA 2017, pp. 1–5. IEEE (2017)
Kiltz, E.: Chosen-ciphertext security from tag-based encryption. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 581–600. Springer, Heidelberg (2006). https://doi.org/10.1007/11681878_30
Kosba, A., Miller, A., et al.: Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. In: IEEE S&P 2016, pp. 839–858. IEEE (2016)
Kroll, J.A., Zimmerman, J., Wu, D.J., Nikolaenko, V., Felten, E.W.: Accountable cryptographic access control. In: Workshop, CRYPTO 2018, vol. 2018 (2018)
Küsters, R., Truderung, T., Vogt, A.: Accountability: definition and relationship to verifiability. In: ACM CCS 2010, pp. 526–535. ACM (2010)
Lai, J., Tang, Q.: Making Any attribute-based encryption accountable, efficiently. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11099, pp. 527–547. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98989-1_26
Li, R., Galindo, D., Wang, Q.: Auditable credential anonymity revocation based on privacy-preserving smart contracts. In: Pérez-Solà, C., Navarro-Arribas, G., Biryukov, A., Garcia-Alfaro, J. (eds.) DPM/CBT -2019. LNCS, vol. 11737, pp. 355–371. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-31500-9_23
Luo, Y., Fan, J., Deng, C., Li, Y., Zheng, Y., Ding, J.: Accountable data sharing scheme based on blockchain and SGX. In: CyberC 2019, pp. 9–16. IEEE (2019)
Microsoft: The Coco Framework: technical overview, May 2019. https://github.com/Azure/coco-framework/
Neisse, R., Steri, G., Nai-Fovino, I.: A blockchain-based approach for data accountability and provenance tracking. In: ARES 2017, p. 14. ACM (2017)
Ryan, M.D.: Making decryption accountable (Transcript of Discussion). In: Stajano, F., Anderson, J., Christianson, B., Matyáš, V. (eds.) Security Protocols 2017. LNCS, vol. 10476, pp. 99–108. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-71075-4_12
Steffen, S., et al.: zkay: specifying and enforcing data privacy in smart contracts. In: ACM CCS 2019, pp. 1759–1776. ACM (2019)
Szabo, N.: Smart contracts: building blocks for digital markets. EXTROPY: J. Transhumanist Thought, 18(16), 2 (1996)
Wood, G., et al.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151(2014), 1–32 (2014)
Xu, Y., et al.: Blockchain empowered arbitrable data auditing scheme for network storage as a service. IEEE TSC 13(2), 289–300 (2019)
Zyskind, G., Nathan, O., Pentland, A.: Enigma: Decentralized computation platform with guaranteed privacy. arXiv preprint arXiv:1506.03471 (2015)
Acknowledgments
R. Li, F. Liu and Q. Wang were supported by the National Science Foundation of China under Grant No. 61672015 and Guangdong Provincial Key Laboratory (Grant No. 2020B121201001). D. Galindo was partially supported by the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 779391 (FutureTPM).
Appendices
A Appendix: Linear Problem
Definition 8
(Linear Problem [5, 15]). Let \(\mathbb {G}\) be a cyclic multiplicative group of prime order p, and let \(g_1, g_2, g_3\) be generators of \(\mathbb {G}\). Given \(g_1, g_2, g_3, g_1^a, g_2^b, g_3^c \in \mathbb {G}\), decide whether \(a + b = c\): output true if \(a + b = c\) and false otherwise. The advantage of an algorithm \(\mathcal {A}\) in deciding the linear problem in \(\mathbb {G}\) is
with the probability taken over the uniform random choice of the parameters to \(\mathcal {A}\) and over the coin tosses of \(\mathcal {A}\).
Assumption 1 (Decision Linear Assumption)
No adversary \(\mathcal {A}\) succeeds in deciding the Linear Problem in \(\mathbb {G}\) with a non-negligible advantage.
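As an added illustration (not code from the paper or its prototype), the following Python sketch samples Linear Problem instances as in Definition 8 in a constructed toy group and measures the advantage of a decider. The generators are sampled through a trapdoor relation \(g_1^x = g_2^y = g_3\) (the same distribution as independent generators); holding that relation makes the problem trivially decidable, which is why such exponents play the role of secret keys in DLIN-based encryption [5], while the assumption only says that deciding without it is infeasible. The group parameters P and Q are constructed and far too small for any real use.

```python
import secrets

# Constructed toy group: the quadratic residues mod P form a cyclic group of
# prime order Q = (P-1)/2. Chosen only so the example runs; not secure.
P, Q = 2039, 1019

def _random_generator():
    """Any square other than 1 generates the order-Q subgroup (Q is prime)."""
    g = 1
    while g == 1:
        g = pow(secrets.randbelow(P - 1) + 1, 2, P)
    return g

def dlin_instance(real: bool):
    """Sample (g1, g2, g3, g1^a, g2^b, g3^c) as in Definition 8.
    real=True gives c = a+b; real=False gives a uniform c != a+b.
    g1, g2 are derived from g3 via a trapdoor (x, y) with g1^x = g2^y = g3;
    since x, y are uniform in Z_Q^*, g1 and g2 are uniform generators."""
    g3 = _random_generator()
    x, y = 1 + secrets.randbelow(Q - 1), 1 + secrets.randbelow(Q - 1)
    g1, g2 = pow(g3, pow(x, -1, Q), P), pow(g3, pow(y, -1, Q), P)
    a, b = secrets.randbelow(Q), secrets.randbelow(Q)
    c = (a + b) % Q
    while not real and c == (a + b) % Q:
        c = secrets.randbelow(Q)
    inst = (g1, g2, g3, pow(g1, a, P), pow(g2, b, P), pow(g3, c, P))
    return inst, (x, y)

def decide_with_trapdoor(inst, trapdoor):
    """With g1^x = g2^y = g3 we have (g1^a)^x * (g2^b)^y = g3^(a+b),
    so the instance is real exactly when that product equals g3^c."""
    g1, g2, g3, A, B, C = inst
    x, y = trapdoor
    return (pow(A, x, P) * pow(B, y, P)) % P == C

def baseline_always_true(inst, trapdoor):
    """A decider that ignores the instance (and the trapdoor): zero advantage."""
    return True

def advantage(decider, trials=200):
    """Empirical advantage in the sense of Definition 8: the gap between the
    rate of 'true' answers on real instances and on random instances."""
    hits_real = sum(decider(*dlin_instance(True)) for _ in range(trials))
    hits_rand = sum(decider(*dlin_instance(False)) for _ in range(trials))
    return abs(hits_real - hits_rand) / trials
```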
Lemma 2
Assume \(\mathsf {H}_2\) is a target collision-resistant hash function. Then, under the Decision Linear Assumption, Kiltz’s full PKE scheme [15] is secure against chosen-ciphertext attacks.
B Appendix: Completeness
Proof (Theorem 2: Completeness)
Suppose that there exists an adversary that wins the completeness game with non-negligible probability. We transform such an adversary against Completeness into adversaries against the security of PPSC and the IND-CCA security of Kiltz’s PKE scheme, using a sequence of games.
Game . This is the unmodified completeness game. The winning probability equals the advantage of against Completeness game, namely, \(adv_{\mathcal {A},{\varPi }}^{\Game _{\text {comp}}}(\lambda )\).
Game . In this game, when the adversary calls \(\mathcal {C}\), we disallow contract \(\mathsf {\widehat{c}_{ad}}\) from executing the algorithm \(\mathsf {Insp}\); instead, \(\mathsf {\widehat{c}_{ad}}\) outputs \(\mathsf {true}\) to the adversary.
Game . In this game, we disallow \(\mathcal {A}\) from calling \(\mathcal {C}\); thus \(\mathbf{Transfer} \) in \(\mathsf {\widehat{c}_{km}}\) cannot be executed, so \(\mathcal {A}\) cannot obtain the secret key from the blockchain.
Clearly, without querying the smart contract, the adversary’s advantage of winning equals the advantage of breaking the CCA security of the PKE. The advantage of an adversary against the security of Kiltz’s PKE scheme is negligible, as shown in Lemma 2. To capture the difference between these games, we define the following events. (1) : blocking the transaction-based evidence. The adversary fetches the key from the blockchain and successfully hides the transaction \(\mathsf {Tx}^\star \) that is used for validation in the algorithm \(\mathsf {Insp}\). (2) : forging an inspection result. The adversary forges an inspection result by executing \(\lnot \mathsf {Insp}\), where \(\lnot \mathsf {Insp}\) denotes a malicious inspection that modifies the \(\mathsf {false}\) result into \(\mathsf {true}\). (3) : breaking the security of PPSC. The adversary obtains a valid private key without invoking the blockchain.
Game \(\approx \) Game . The winning condition for equals the winning condition for if neither event nor event happens. Thus, we have We then consider the probabilities of the events and . The occurrence of implies that the adversary hides the transaction evidence, which contradicts the assumed transparency properties. Thus, the winning advantage of is identical to the advantage of breaking the promise of transaction-transparency. If the event happens, the adversary breaks the state-consistency of PPSC, so its probability is identical to the advantage of breaking the promise of state-consistency. Thus, we have and .
Game \(\approx \) Game . The winning condition for equals the winning condition for if and only if event does not happen. The probability of is identical to the advantage of breaking the promise of state-privacy. Thus, .
Combining everything together, we obtain that
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Li, R., Wang, Q., Liu, F., Wang, Q., Galindo, D. (2020). An Accountable Decryption System Based on Privacy-Preserving Smart Contracts. In: Susilo, W., Deng, R.H., Guo, F., Li, Y., Intan, R. (eds) Information Security. ISC 2020. Lecture Notes in Computer Science(), vol 12472. Springer, Cham. https://doi.org/10.1007/978-3-030-62974-8_21
DOI: https://doi.org/10.1007/978-3-030-62974-8_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-62973-1
Online ISBN: 978-3-030-62974-8