11 Hits in 1.5 sec

Low-Level Attacks in Bitcoin Wallets [chapter]

Andriana Gkaniatsou, Myrto Arapinis, Aggelos Kiayias
2017 Lecture Notes in Computer Science  
We address the lack of well-defined security properties that Bitcoin wallets should conform by articulating a minimal threat model against which any hardware wallet should defend.  ...  To that end, companies provide solutions that range from paper wallets to tamper-resistant smart-cards, offering different level of security.  ...  The privacy issues we address for the LEDGER wallets is an aspect that reflects to all BIP32 wallets, especially to those that that do not communicate in a secure way.  ... 
doi:10.1007/978-3-319-69659-1_13 fatcat:zmyca6mt45cbhgkllvuymjwikm

A New Look at the Refund Mechanism in the Bitcoin Payment Protocol [article]

Sepideh Avizheh, Reihaneh Safavi-Naini, Siamak F. Shahandashti
2018 arXiv   pre-print
We discuss the security of our proposed method and compare it with the previous solution.  ...  In this paper, we point out the drawbacks of McCorry et al.'s fix and propose a new approach for protection against refund attacks using the Bitcoin multi-signature mechanism.  ...  Our approach provides a solution that is robust against possible corruption of the merchant's local database, and preserves the privacy of the refund (i.e. the link between the customer and the refundee  ... 
arXiv:1807.01793v2 fatcat:klkah3z5jjgqrhcgtwdirnfsu4

Enhancing Cold Wallet Security with Native Multi-Signature schemes in Centralized Exchanges [article]

Shahriar Ebrahimi, Parisa Hasanizadeh, Seyed Mohammad Aghamirmohammadali, Amirali Akbari
2021 arXiv   pre-print
Currently, one of the most widely used protocols to secure cryptocurrency assets in centralized exchanges is categorizing wallets into cold and hot.  ...  Furthermore, we extend the application of the proposed method to an scalable scenario where users are directly involved in wallet generation and signing process of cold wallets in an MPC manner.  ...  Moreover, we analyze the security of the proposed cold wallet architecture and reduce it to the security of the underlying PKI.  ... 
arXiv:2110.00274v1 fatcat:r7dmrncfmvgdlnbki3zu7am5ma

Buy Your Coffee with Bitcoin: Real-World Deployment of a Bitcoin Point of Sale Terminal

Shayan Eskandari, Jeremy Clark, Abdelwahab Hamou-Lhadj
2016 2016 Intl IEEE Conferences on Ubiquitous Intelligence & Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People, and Smart World Congress (UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld)  
We develop an evaluation framework utilizing security, usability, deployability criteria" examine several existing systems, tools.  ...  Following a requirements engineering approach, we designed, implemented a new Point of Sale (PoS) system that satisfies an optimal set of criteria within our evaluation framework.  ...  Another interesting lesson is the concept of locked price that is the price of Bitcoin for each sale is locked to the exact exchange rate at the time of the transaction.  ... 
doi:10.1109/uic-atc-scalcom-cbdcom-iop-smartworld.2016.0073 dblp:conf/uic/EskandariCH16 fatcat:s56vh73avvd7nft5nrwowcv6wm

On the Usability of Authenticity Checks for Hardware Security Tokens

Katharina Pfeffer, Alexandra Mai, Adrian Dabrowski, Matthias Gusenbauer, Philipp Schindler, Edgar R. Weippl, Michael Franz, Katharina Krombholz
2021 USENIX Security Symposium  
The final responsibility to verify whether a newly purchased hardware security token (HST) is authentic and unmodified lies with the end user.  ...  However, recently reported attacks on such tokens suggest that users cannot take the security guarantees of their HSTs for granted, even despite widely deployed authenticity checks.  ...  SBA Research (SBA-K1) is a COMET Centre within the framework of COMET -Competence Centers for Excellent Technologies Programme and funded by BMK, BMDW, and the province of Vienna.  ... 
dblp:conf/uss/PfefferMDGSWFK21 fatcat:pcxmvlsufng7hnkz3nuwiu7nra

If You Like Me, Please Don't "Like" Me: Inferring Vendor Bitcoin Addresses From Positive Reviews

Jochen Schäfer, Christian Müller, Frederik Armknecht
2021 Proceedings on Privacy Enhancing Technologies  
We demonstrate the applicability of the attack by modeling Bitcoin transactions based on vendor reviews of two separate darknet markets and retrieve matching transactions from the blockchain.  ...  We also show an extended variant that copes with the case that addresses are used only once.  ...  Acknowledgements We would like to thank the reviewers for their support and valuable insights. Part of the research was carried out while the main author was employed at SWR, Baden-Baden, Germany.  ... 
doi:10.2478/popets-2022-0022 fatcat:5btmlueg35h3fewpk4wnch2k54

Mixing Strategies in Cryptocurrencies and An Alternative Implementation [article]

Xinyuan Zhang
2020 arXiv   pre-print
Since the initial launch of Bitcoin by Satoshi Nakamoto in 2009, decentralized digital currencies have long been of major interest in both the academia and the industry.  ...  Each one relies on mathematical soundness and cryptographic wit to provide unique properties in addition to securing basic correctness.  ...  The BIP32 standard implements HD Wallets and is widely adopted by different Bitcoin wallets.  ... 
arXiv:2010.01670v1 fatcat:mi5tvycqdjdrxkbjyuiuywpd5a

Reactive Key-Loss Protection in Blockchains [article]

Sam Blackshear, Konstantinos Chalkias, Panagiotis Chatzigiannis, Riyaz Faizullabhoy, Irakliy Khaburzaniya, Eleftherios Kokoris-Kogias, Joshua Lind, David Wong, Tim Zakian
2021 IACR Cryptology ePrint Archive  
We provide an analysis of the threat and incentive models and formalize the concept of reactive KEy-Loss Protection (KELP).  ...  We achieve this by a 3-phase Commit() → Reveal() → Claim() − or − Challenge() smart contract that enables accessing funds of addresses for which the spending key is not available.  ...  The authors would like to thank all anonymous reviewers of FC21 WTSC workshop for comments and suggestions that greatly improved the quality of this paper.  ... 
dblp:journals/iacr/BlackshearCCFKK21 fatcat:z5lwxvt3anhivfteakfwc3zozu

IDMoB: IoT Data Marketplace on Blockchain

Kazim Rifat Ozyilmaz, Mehmet Dogan, Arda Yurdakul
2018 2018 Crypto Valley Conference on Blockchain Technology (CVCBT)  
Today, Internet of Things (IoT) devices are the powerhouse of data generation with their ever-increasing numbers and widespread penetration.  ...  The centerpiece of these technologies is "data". IoT device vendors should be able keep up with the increased throughput and come up with new business models.  ...  ACKNOWLEDGMENT This project has been partially supported by Scientific Research Fund of Bogazici University under grant number: 13500  ... 
doi:10.1109/cvcbt.2018.00007 dblp:conf/cvcbt/OzyilmazDY18 fatcat:pts4vb63fjcwhfsri2di5fpwqe

Digital asset management via distributed ledgers [article]

Dimitris Karakostas, University Of Edinburgh, Aggelos Kiayias, Vassilis Zikas
First, we analyze the security of various wallets.  ...  We start with a formal model of hardware wallets, followed by an analytical framework of PoS wallets, each outlining the unique properties of Proof-of-Work (PoW) and PoS respectively.  ...  A widely implemented wallet standard is the HD Wallet Standard BIP32 [Wui18] , based on the idea of deterministic wallets [M + 14].  ... 
doi:10.7488/era/1985 fatcat:p4pj3gvetrf67pgi4mh7thmfbi

Cryptography for Bitcoin and friends [article]

Tim Ruffing, Universität Des Saarlandes, Universität Des Saarlandes
The core of CoinShuffle++ is DiceMix, a novel and efficient protocol for broadcasting messages anonymously without the help of any trusted third-party anonymity proxies and in the presence of malicious  ...  deployment of coin mixing protocols.  ...  Second, the payee can send a BIP32 public key [BIP32] to the payer, which enables the payer to derive fresh addresses.  ... 
doi:10.22028/d291-30814 fatcat:knrduo4wpbglpg5a4rhy4mwdnu