Authenticated Key Exchange over Bitcoin

نویسندگان

  • Patrick McCorry
  • Siamak Fayyaz Shahandashti
  • Dylan Clarke
  • Feng Hao
چکیده

Bitcoin is designed to protect user anonymity (or pseudonymity) in a financial transaction, and has been increasingly adopted by major e-commerce websites such as Dell, Payal and Expedia. While the anonymity of Bitcoin transactions has been extensively studied, little attention has been paid to the security of post-transaction correspondence. In a commercial application, the merchant and the user often need to engage in follow-up correspondence after a Bitcoin transaction is completed, e.g., to acknowledge the receipt of payment, to confirm the billing address, to arrange the product delivery, to discuss refund and so on. Currently, such follow-up correspondence is typically done in plaintext via email with no guarantee on confidentiality. Obviously, leakage of sensitive data from the correspondence (e.g., billing address) can trivially compromise the anonymity of Bitcoin users. In this paper, we initiate the first study on how to realise end-to-end secure communication between Bitcoin users in a post-transaction scenario without requiring any trusted third party or additional authentication credentials. We first point out that none of the existing PKI-based or password-based AKE schemes are suitable for the purpose. Instead, our idea is to leverage the Bitcoin’s append-only ledger as an additional layer of authentication between previously confirmed transactions. This naturally leads to a new category of AKE protocols that bootstrap trust entirely from the block chain. We call this new category “Bitcoin-based AKE” and present two concrete protocols: one is non-interactive with no forward secrecy, while the other is interactive with additional guarantee of forward secrecy. Finally, we present proof-of-concept prototypes for both protocols with experimental results to demonstrate their practical feasibility.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A New Ring-Based SPHF and PAKE Protocol On Ideal Lattices

emph{ Smooth Projective Hash Functions } ( SPHFs ) as a specific pattern of zero knowledge proof system are fundamental tools to build many efficient cryptographic schemes and protocols. As an application of SPHFs, emph { Password - Based Authenticated Key Exchange } ( PAKE ) protocol is well-studied area in the last few years. In 2009, Katz and Vaikuntanathan described the first lattice-based ...

متن کامل

Provably Authenticated Group Diie-hellman Key Exchange

Group Diie-Hellman protocols for Authenticated Key Exchange (AKE) are designed to provide a pool of players with a shared secret key which may later be used, for example, to achieve multicast message integrity. Over the years, several schemes have been ooered. However, no formal treatment for this cryptographic problem has ever been suggested. In this paper, we present a security model for this...

متن کامل

An Efficient Authenticated Asymmetric Key Exchange Scheme

In this paper, an efficient authenticated asymmetric key exchange scheme has been designed based on the features of the Threshold Cryptography [11]. The method provides authentication and key establishment (like RSA, ) over an insecure channel using shares of two prime numbers and is secure against even off-line dictionary attack. In the proposed scheme, , and are all secret and each of the two...

متن کامل

Server-Aided Password-Authenticated Key Exchange: From 3-Party to Group

Protocols for group key exchange are cryptographic algorithms that describe how a group of parties communicating over a public network can come up with a common secret key. Due to their critical role in building secure multicast channels, a number of group key exchange protocols have been proposed over the years for a variety of settings. In this work, we present a new protocol for password-aut...

متن کامل

Authenticated Key Exchange with Synchronized States

Nowadays, most of sensitive applications over insecure network are protected by some authenticated secure channel which is highly relies on specific authenticated key exchange (AKE) protocol. Nevertheless, the leakage of authentication credential used in AKE protocol somehow result in unauthorized exploitation of credential information via identity impersonation (IDI) attack. To address the pro...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2015