Abstract
Blockchain is built on a peer-to-peer network, cryptography and a consensus mechanism over a distributed environment. The underlying cryptography in blockchain, such as the hash algorithm and the digital signature scheme, is used to guarantee the security of the blockchain. However, past experience has shown that cryptographic primitives do not last forever in the face of increasing computational power and advances in cryptanalysis. Therefore, it is crucial to investigate the case in which the underlying cryptography of a blockchain is compromised.
This paper addresses the challenge that the underlying hash algorithm of a blockchain is compromised. In 2017, M. Sato et al. first addressed this issue by proposing a framework for transitioning from a compromised hash algorithm to a secure one. Nevertheless, when applied to a proof-of-work blockchain, this approach is actually a hardfork, which is likely to cause disagreement within the blockchain community and should therefore be avoided. To fill this gap, we propose a softfork transition scheme to deal with the challenge that a compromised hash brings to proof-of-work blockchain. Our scheme provides a secure transition in the case of a compromised hash while keeping the validity of past data in the blockchain. We also show that a proof-of-work blockchain with our scheme is much more secure than the original one (i.e. without our scheme).
References
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. In: Consulted (2008)
Bitcoin Wiki: Contingency plans - SHA-256 is broken (2015). https://en.bitcoin.it/wiki/Contingency_plans#SHA-256_is_broken
Bitcoin Wiki: Hardfork (2017). https://en.bitcoin.it/wiki/Hardfork
Sato, M., Matsuo, S.: Long-term public blockchain: resilience against compromise of underlying cryptography. In: IEEE European Symposium on Security and Privacy Workshops, pp. 1–8 (2017)
Okupski, K.: Bitcoin Developer Reference Working Paper, 30 June 2016. http://enetium.com/resources/Bitcoin.pdf
Bitcoin Developer Guide. https://bitcoin.org/en/developer-guide#proof-of-work
Stevens, M., et al.: Short chosen-prefix collisions for MD5 and the creation of a rogue CA certificate. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 55–69. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_4
Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_2
Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005). https://doi.org/10.1007/11535218_2
Stevens, M., Bursztein, E., Karpman, P., Albertini, A., Markov, Y.: The first collision for full SHA-1. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 570–596. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_19
Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Proceedings of ACM Symposium on the Theory of Computing, pp. 212–219 (1996)
Giechaskiel, I., Cremers, C., Rasmussen, K.B.: On bitcoin security in the presence of broken cryptographic primitives. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9879, pp. 201–222. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45741-3_11
Bitcoin Wiki: Coinbase (2018). https://en.bitcoin.it/wiki/Coinbase
Wood, G.: Ethereum: a secure decentralized generalised transaction ledger. https://ethereum.github.io/yellowpaper/paper.pdf
European Telecommunications Standards Institute (ETSI): Electronic Signatures and Infrastructures (ESI); CAdES digital signatures; Part 1: Building blocks and CAdES baseline signatures. EN 319 122-1 V1.1.1 (2016)
International Organization for Standardization (ISO): Processes, data elements and documents in commerce, industry and administration - Long term signature profiles - Part 1: Long term signature profiles for CMS Advanced Electronic Signatures (CAdES). ISO 14533-1:2014 (2014)
The DAO, The Hack, The Soft Fork and The Hard Fork. https://www.cryptocompare.com/coins/guides/the-dao-the-hack-the-soft-fork-and-the-hard-fork/
Buterin, V.: Critical update re: DAO vulnerability, 17 June 2016. https://blog.ethereum.org/2016/06/17/critical-update-re-dao-vulnerability/
Garay, J., Kiayias, A., Leonardos, N.: The bitcoin backbone protocol: analysis and applications. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 281–310. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_10
Acknowledgement
We would like to thank the anonymous reviewers for their helpful feedback. The authors are supported by the National Natural Science Foundation of China (Grant No. 61672347, 61572318, 61672339).
© 2018 Springer Nature Switzerland AG
Cite this paper
Chen, F., Liu, Z., Long, Y., Liu, Z., Ding, N. (2018). Secure Scheme Against Compromised Hash in Proof-of-Work Blockchain. In: Au, M., et al. (eds.) Network and System Security. NSS 2018. Lecture Notes in Computer Science, vol. 11058. Springer, Cham. https://doi.org/10.1007/978-3-030-02744-5_1
DOI: https://doi.org/10.1007/978-3-030-02744-5_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02743-8
Online ISBN: 978-3-030-02744-5
eBook Packages: Computer Science; Computer Science (R0)