
On Security Analysis of Proof-of-Elapsed-Time (PoET)

  • Conference paper
Stabilization, Safety, and Security of Distributed Systems (SSS 2017)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 10616)

Abstract

As more applications are built on top of blockchains and public ledgers, different approaches are being developed to improve the performance of blockchain construction. Recently Intel proposed a new concept, proof-of-elapsed-time (PoET), which leverages trusted computing to enforce random waiting times for block construction. However, the trusted computing component may not be perfect or 100% reliable, and it is not clear to what extent blockchain systems based on PoET can tolerate failures of that component. The current design of PoET lacks a rigorous security analysis and a theoretical foundation for assessing its strength against such attacks. To fill this gap, we develop a theoretical framework for evaluating a PoET-based blockchain system, and show that the current design is vulnerable in the sense that an adversary can jeopardize the blockchain system by compromising only a \(\varTheta (\log \log n/\log n)\) fraction of the participating nodes, which is very small when n is relatively large. Based on our theoretical analysis, we also propose methods to mitigate these vulnerabilities.
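To make the abstract's risk concrete, here is an added Python model of the PoET lottery (example code written for this page, not the paper's or Sawtooth's). It assumes honest enclaves draw exponential wait times, that a node with a broken enclave can present a zero wait, and it includes a hypothetical per-node win cap as a stand-in rate-limiting policy; none of these details come from the paper itself.

```python
import random
from typing import List, Optional, Tuple

def poet_winner(wait_times: List[Optional[float]]) -> Optional[int]:
    """Index of the node presenting the shortest certified wait time (the block
    winner). None marks a node whose claims are currently rejected; ties go to
    the lowest index. Returns None when no node is eligible."""
    eligible = [i for i, w in enumerate(wait_times) if w is not None]
    if not eligible:
        return None
    return min(eligible, key=lambda i: wait_times[i])

def simulate_poet(n: int, compromised: int, rounds: int, seed: int = 7,
                  win_cap: Optional[int] = None,
                  mean_wait: float = 10.0) -> Tuple[float, List[int]]:
    """Run `rounds` PoET rounds and return (fraction of blocks won by the
    compromised set, per-node win counts).
    Model assumptions (constructed, not from the paper): honest nodes draw an
    exponential wait time from their enclave; nodes 0..compromised-1 have a
    broken enclave and always present a wait of 0; `win_cap` is a hypothetical
    policy that rejects further blocks from a node that already won that many."""
    rng = random.Random(seed)
    wins = [0] * n
    adv_wins = played = 0
    for _ in range(rounds):
        waits: List[Optional[float]] = []
        for i in range(n):
            if win_cap is not None and wins[i] >= win_cap:
                waits.append(None)          # over the cap: claim rejected
            elif i < compromised:
                waits.append(0.0)           # forged wait, always the shortest
            else:
                waits.append(rng.expovariate(1.0 / mean_wait))
        w = poet_winner(waits)
        if w is None:
            break                           # every node exhausted its cap
        wins[w] += 1
        played += 1
        if w < compromised:
            adv_wins += 1
    return (adv_wins / played if played else 0.0), wins

if __name__ == "__main__":
    print("honest only:", simulate_poet(100, 0, 2000)[0])            # 0.0
    print("1 compromised, no cap:", simulate_poet(100, 1, 500)[0])    # 1.0
    print("3 compromised, cap 5:", simulate_poet(100, 3, 100, win_cap=5)[0])  # 0.15
```

Without any limit a single broken enclave wins every block; with a cap the adversary's share is bounded by (compromised nodes x cap) / rounds, which is why the fraction of compromised nodes needed to dominate depends on how many blocks an honest node may legitimately win.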


Notes

  1. Throughout this paper, nodes and users are used interchangeably.

  2. The SGX component is used to generate a certificate for the public key and send the certificate to the system.


Acknowledgement

This material is based upon work supported by the U.S. Department of Homeland Security under Grant Award Number 113039. The views and conclusions contained in this document are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the U.S. Department of Homeland Security.


Corresponding author

Correspondence to Lin Chen.


Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Chen, L., Xu, L., Shah, N., Gao, Z., Lu, Y., Shi, W. (2017). On Security Analysis of Proof-of-Elapsed-Time (PoET). In: Spirakis, P., Tsigas, P. (eds) Stabilization, Safety, and Security of Distributed Systems. SSS 2017. Lecture Notes in Computer Science, vol 10616. Springer, Cham. https://doi.org/10.1007/978-3-319-69084-1_19


  • DOI: https://doi.org/10.1007/978-3-319-69084-1_19


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69083-4

  • Online ISBN: 978-3-319-69084-1
