Bolt: anonymous payment channels for decentralized currencies – Part II

Bolt: anonymous payment channels for decentralized currencies, Green and Miers et al., CCS’17. Yesterday we spent some time looking at what payment channels are, their role in helping Bitcoin to scale by taking some of the load off of the chain, and some payment channel constructions such as direct channels, indirect channels via an intermediary, …

Bolt: anonymous payment channels for decentralized currencies – part I

Bolt: anonymous payment channels for decentralized currencies, Green and Miers et al., CCS’17. In which I tried not to rant. But did end up ranting just a little bit... The world of blockchains and cryptocurrencies seems to be growing at quite a pace. Yesterday we looked at Solidus, which provides confidentiality for transactions taking place …

Solidus: confidential distributed ledger transactions using PVORM

Solidus: confidential distributed ledger transactions via PVORM, Cecchetti et al., CCS’17. Tokens on blockchains can be used to represent assets, and the ledger provides trade settlement on-chain. In a straightforward public blockchain, pseudonyms and transaction values are all publicly visible. Uncovering the true identities behind the pseudonyms becomes a real possibility (‘A fistful of Bitcoins’). …

Tail attacks on web applications

Tail attacks on web applications, Shan et al., CCS’17. This paper introduces a stealthy DDoS attack on classic n-tier web applications. It is designed to push the tail latency high while simultaneously being very hard to detect using traditional monitoring tools. The attack exploits ‘millibottlenecks’, caused by buffers in the system that fill up …

Economic factors of vulnerability trade and exploitation

Economic factors of vulnerability trade and exploitation, Allodi, CCS’17. Today we’re going on a tour inside a prominent Russian cybercrime market, identified in the paper as ‘RuMarket’ (not its real name). The author infiltrated the market using a fake identity, and was subsequently able to collect data on market activities from 2010 to 2017. RuMarket …

Be selfish and avoid dilemmas: fork-after-withholding attacks on Bitcoin

Be selfish and avoid dilemmas: fork-after-withholding (FAW) attacks on Bitcoin, Kwon et al., CCS’17. Bitcoin was designed to have no central authority. But power has an amazing way of concentrating. Mining solo is a bit like buying a lottery ticket - big payoff if you happen to win, but your chances of winning are pretty …