TY - GEN
T1 - CORE
T2 - 44th IEEE International Conference on Distributed Computing Systems, ICDCS 2024
AU - Wang, Shan
AU - Yang, Ming
AU - Cao, Jiannong
AU - Ling, Zhen
AU - Tang, Qiang
AU - Fu, Xinwen
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - In blockchain applications such as digital goods exchange, private data may be transmitted from a data owner to a recipient through a transfer transaction. However, these blockchain applications often assume the underlying blockchain system is secure and reliable, and thus do not consider transaction failures. We find that a failed transfer transaction may disclose the private data to the recipient, but the data owner may not receive tokens as payments or the ledger may not correctly record the data trail. To handle transaction failures and protect private data, we propose a novel transaction commit-controlled release (CORE) protocol. With CORE, the private data can only be obtained by an intended recipient after the transfer transaction is committed, the data owner receives tokens, and the ledger correctly records the data trail. We perform security analysis of CORE, implement CORE and evaluate its performance over representative public and permissioned blockchains. The results of our extensive experiments show CORE introduces minor overhead in terms of transaction latency and transaction fees. We are the first to identify and address the generic private data disclosure issues in both public and permissioned blockchains.
AB - In blockchain applications such as digital goods exchange, private data may be transmitted from a data owner to a recipient through a transfer transaction. However, these blockchain applications often assume the underlying blockchain system is secure and reliable, and thus do not consider transaction failures. We find that a failed transfer transaction may disclose the private data to the recipient, but the data owner may not receive tokens as payments or the ledger may not correctly record the data trail. To handle transaction failures and protect private data, we propose a novel transaction commit-controlled release (CORE) protocol. With CORE, the private data can only be obtained by an intended recipient after the transfer transaction is committed, the data owner receives tokens, and the ledger correctly records the data trail. We perform security analysis of CORE, implement CORE and evaluate its performance over representative public and permissioned blockchains. The results of our extensive experiments show CORE introduces minor overhead in terms of transaction latency and transaction fees. We are the first to identify and address the generic private data disclosure issues in both public and permissioned blockchains.
KW - Blockchain
KW - Data Transfer
KW - Private Data Leak
UR - https://www.scopus.com/pages/publications/85203130486
U2 - 10.1109/ICDCS60910.2024.00038
DO - 10.1109/ICDCS60910.2024.00038
M3 - Conference article published in proceeding or book
AN - SCOPUS:85203130486
T3 - Proceedings - International Conference on Distributed Computing Systems
SP - 322
EP - 332
BT - Proceedings - 2024 IEEE 44th International Conference on Distributed Computing Systems, ICDCS 2024
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 23 July 2024 through 26 July 2024
ER -