A post-quantum end-to-end encryption over smart contract-based blockchain for defeating man-in-the-middle and interception attacks

Peer-to-Peer Networking and Applications

Abstract

Ethereum is a public, open-source, decentralized, peer-to-peer blockchain-based computing network that incorporates smart-contract functionality. It provides a distributed Turing-complete virtual machine in which code can be executed by a worldwide public network of nodes. Compelled certificate creation and Man-In-The-Middle (MITM) attacks are two major attacks on End-to-End Encryption (EEE) and SSL/TLS; among the practical attacks on end-to-end encryption and SSL/TLS are IP/ARP poisoning and phishing. A MITM attack makes it difficult for the client to tell whether it is connected over a genuine, verified and secured connection or not. Since the certificate and public key passed during connection setup are unreliable and insecure, the attacker can easily alter the data in the certificate and leave the endorsement of the certificate and public key to the client. The purpose of this paper is to present a solution for providing the legitimacy and authenticity of freely shared and published online digital data, e.g., digital certificates, cryptographic keys, and common reference strings such as shared passwords, using a mix of recently developed technologies, primarily blockchain, smart contracts, the InterPlanetary File System (IPFS), and a quantum-resistant Password-based Authenticated Key Exchange (PAKE) protocol over rings and ideal lattices. An Ethereum smart contract is used to manage, monitor, and provide traceability and visibility into the history of digital data from its beginning to its most recent version, in a way that is decentralized and internationally accessible with high integrity, resiliency, and transparency, owing to the immutability and irreversibility of the blockchain. The full code of our smart contract is given, with a discussion of the implementation and testing of its key functionalities.



Notes

  1. https://www.comodo.com

  2. https://www.godaddy.com

  3. https://www.certum.pl/pl

  4. https://keyserver.pgp.com/vkd/GetWelcomeScreen.event

  5. https://pgp.mit.edu

  6. https://ipfs.io/docs/install/

  7. http://getbootstrap.com/

  8. https://www.jetbrains.com/webstorm/

  9. https://metamask.io/

  10. http://remix.ethereum.org


Corresponding author

Correspondence to Amir Hassani Karbasi.


Cite this article

Karbasi, A.H., Shahpasand, S. A post-quantum end-to-end encryption over smart contract-based blockchain for defeating man-in-the-middle and interception attacks. Peer-to-Peer Netw. Appl. 13, 1423–1441 (2020). https://doi.org/10.1007/s12083-020-00901-w


  • DOI: https://doi.org/10.1007/s12083-020-00901-w
