Improving the Security and Efficiency of Blockchain-based Cryptocurrencies

Thumbnail Image

Files

master_Gopinath_Nirmala_Rakesh_2017.pdf (1.38 MB)

URL

Journal Title

Journal ISSN

Volume Title

Perustieteiden korkeakoulu | Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.

Authors

Date

2017-08-28

Department

Major/Subject

Security and Mobile Computing

Mcode

T3011

Degree programme

Master's Degree Programme in Security and Mobile Computing (NordSecMob)

Language

en

Pages

77

Series

Abstract

In recent years, the desire for financial privacy and anonymity spurred the growth of electronic cash and cryptocurrencies. The introduction of decentralized cryptocurrencies, such as Bitcoin, accelerated their adoption in society. Since digital information is easier to reproduce, digital currencies are vulnerable to be spent more than once – this is called a double-spending attack. In order to prevent double-spending, Bitcoin records transactions in a tamper-resilient shared ledger called the blockchain. However, the time required to generate new blocks in the blockchain causes a delay in the transaction confirmation. This delay, typically around one hour in Bitcoin, is impractical for real world trade and limits the wide-spread use of blockchain-based cryptocurrencies. In this thesis, we propose a solution to prevent double-spending attacks and thus enable fast transaction confirmations using the security guarantees of Trusted Execution Environments (TEEs). We achieve this by enforcing sign-once semantics that prevent the payer from reusing designated signing keys to sign more than one transaction. We also provide a way for the payee to verify whether a specific signing key is subject to sign-once semantics. The payee, however still receives the funds later, once the transaction is verified similarly to existing credit card payments. In this way, our solution reduces transaction confirmation times of blockchain-based cryptocurrencies and is also compatible with existing deployments since it does not require any modifications to the base protocol, peers, or miners. We designed and implemented a proof-of-concept of our solution using Intel SGX technology and integrated it with Copay, a popular Bitcoin wallet from BitPay. This thesis also presents the security evaluation of our system along with other possible extensions and enhancements.

Description

Supervisor

N, Asokan

Thesis advisor

Paverd, Andrew

Keywords

cryptocurrency, bitcoin, blockchain, double-spending, trusted hardware, SGX

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-201709046818

Collections

[dipl] Perustieteiden korkeakoulu / SCI