64 research outputs found

    Applications of the Blockchain using cryptography

    Get PDF
    PhD ThesisWe have witnessed the rise of cryptocurrencies in the past eight years. Bitcoin and Ethereum are the world’s most successful cryptocurrencies with market capitalisations of 37bnand37bn and 21bn respectively in June 2017. The innovation behind these cryptocurrencies is the blockchain which is an immutable and censorship resistant public ledger. Bitcoin introduced the blockchain to trade a single asset (i.e. bitcoins), whereas Ethereum adopted the blockchain to store and execute expressive smart contracts. In this thesis, we consider cryptographic protocols that bootstrap trust from the blockchain. This includes secure end-to-end communication between two pseudonymous users, payment protocols, payment networks and decentralised internet voting. The first three applications rely on Bitcoin, whereas the final e-voting application is realised using Ethereum. First, it is important to highlight that Bitcoin was designed to protect the anonymity (or pseudonymity) for financial transactions. Nakamoto proposed that financial privacy is achievable by storing each party’s pseudonym (and not their real-world identity) in a transaction. We highlight that this approach for privacy has led to real-world authentication issues as merchants are failing to re-authenticate customers in post-transaction correspondence. To alleviate these issues, we propose an end-to-end secure communication protocol for Bitcoin users that does not require any trusted third party or public-key infrastructure. Instead, our protocol leverages the Blockchain as an additional layer of authentication. Furthermore, this insight led to the discovery of two attacks in BIP70: Payment Protocol which is a community-accepted standard used by more than 100,000 merchants. Our attacks were acknowledged by the leading payment processors including Coinbase, BitPay and Bitt. As well, we have proposed a revised Payment Protocol that prevents both attacks. Second, Bitcoin as deployed today does not scale. Scalability research has focused on two directions: 1) redesigning the Blockchain protocol, and 2) facilitating ‘off-chain transactions’ and only consulting the Blockchain if an adjudicator is required. We focus on the latter and provide an overview of Bitcoin payment networks. These consist of two components: payment channels to facilitate off-chain transactions between two parties, and the capability to fairly exchange bitcoins across multiple channels. We compare Duplex Micropayment Channels and Lightning Channels, before discussing Hashed Time Locked Contracts which viii enable Bitcoin-based payment networks. Furthermore, we highlight challenges in routing and path-finding that need to be overcome before payment networks are practically feasible. Finally, we study the feasibility of executing cryptographic protocols on Ethereum. We provide the first implementation of a decentralised and self-tallying internet voting protocol with maximum voter privacy as a smart contract. The Open Vote Network is suitable for boardroom elections and is written as a smart contract for Ethereum. Unlike previously proposed Blockchain e-voting protocols, this is the first implementation that does not rely on any trusted authority to compute the tally or to protect the voter’s privacy. Instead, the Open Vote Network is a self-tallying protocol, and each voter is in control of the privacy of their own vote such that it can only be breached by a full collusion involving all other voters. The execution of the protocol is enforced using the consensus mechanism that also secures the Ethereum blockchain. We tested the implementation on Ethereum’s official test network to demonstrate its feasibility. Also, we provide a financial and computational breakdown of its execution cost

    Formal Modelling and Security Analysis of Bitcoin\u27s Payment Protocol

    Get PDF
    The Payment Protocol standard BIP70, specifying how payments in Bitcoin are performed by merchants and customers, is supported by the largest payment processors and most widely-used wallets. The protocol has been shown to be vulnerable to refund attacks due to lack of authentication of the refund addresses. In this paper, we give the first formal model of the protocol and formalise the refund address security goals for the protocol, namely refund address authentication and secrecy. The formal model utilises communication channels as abstractions conveying security goals on which the protocol modeller and verifier can rely. We analyse the Payment Protocol confirming that it is vulnerable to an attack violating the refund address authentication security goal. Moreover, we present a concrete protocol revision proposal supporting the merchant with publicly verifiable evidence that can mitigate the attack. We verify that the revised protocol meets the security goals defined for the refund address. Hence, we demonstrate that the revised protocol is secure, not only against the existing attacks, but also against any further attacks violating the formalised security goals.30 pages, 6 figures. This is an accepted manuscript to appear in Computers & Security. Please cite as: Modesti, Shahandashti, McCorry, and Hao. Formal Modelling and Security Analysis of Bitcoin\u27s Payment Protocol . To appear in Computer & Security, Elsevier, 202

    Two-Party State Channels with Assertions

    No full text

    The Creation of an E-Tutorial to Support Learning Embryology

    No full text
    Embryology is a complex subject that many students struggle to understand. With the advances of digital technologies, we sought to create a fully interactive e- learning resource to facilitate learning in this complex field. Therefore, the aim of this project was to create a digital resource which was created by a student, for students. We based this e-tutorial on the embryology curriculum from the Level 3 Honours BSc degree at the University of Glasgow. We ensured all aims and objectives were incorporated into the tutorial. By using Articulate 360, we created an e-tutorial which enabled the user to explore weeks 1 – 4 of development. Novel images and cartoons were created by the author and incorporated into the tutorial. This meant that there were no copyright issues from using materials from other sources. Images were designed and created using Paint Tool Sai. A simple interactive format was created with text related to each week of development. This linked to the intended learning outcomes, but ensured a unique presentation of resources to enhance learning. There was a fully interactive quiz at the end of each of the weeks, including hints and tips, with links back to the relevant part of the tutorial. This e-tutorial has now been adopted into the local curriculum and has been requested by several Scottish universities and the north of England to embed into their curricula. This study has shown how a co-creation of educational resources can result in the production of a novel and interactive learning resource
    corecore