A Secure Interoperability Management Scheme for Cross-Blockchain Transactions
Abstract
:1. Introduction
- Data confidentiality is critical for cross-chain transactions with asset transfers involving all parties, including private/consortium chains and users of cross-chain transactions and blockchain service providers (or platforms). Since the data associated with cross-chain transactions are sensitive and can reveal much about the people and organizations holding the data, privacy is extremely important.
- Data integrity is also critical for cross-chain transactions and asset transfers. We must ensure that confidential information cannot be secretly altered or deleted by intruders during cross-chain transactions.
- Non-repudiation of cross-chain transactions is also indispensable. Cross-chain transactions must be non-repudiable and traceable. If transactions are undeniable, when there is a dispute about cross-chain transactions, neither the involved parties nor the relay agencies can deny that data were transmitted and received. This makes it easier to resolve disputes and is useful for auditing purposes.
- During cross-chain entity communication for transactions, a malicious adversary can deceive the entities in a variety of ways by sending counterfeit and modified connections or messages. First, a malicious adversary may launch impersonation attacks and man-in-the-middle (MITM) attacks, accompanied by fake messages, to deceive legal entities and make them believe that the adversaries are also legal transaction entities, i.e., legal blockchains. Therefore, legal entities will not question an adversary’s “legitimate but malicious” behaviors, allowing the latter to steal sensitive user data. Second, an attacker may listen in on, or even interrupt legally transmitted cross-chain transaction information, obtain the network status and confidential information of others, and reuse this information between sessions to deceive a legitimate entity. Since the communication is legally issued by a legitimate entity, its authenticity will be confirmed if no further replay behavior checks are performed. Third, a denial of service (DoS) attack could cause the cross-blockchain transaction process to be disrupted. In most cases, the attacker will send legal signals to the communicating entity, thus exhausting the victim’s computing power and capacity. Thus, the service availability of cross-chain transactions cannot be guaranteed. Based on the above contingencies, it is critical to include a verification mechanism in a secure blockchain interoperability scheme to ensure the validity of interacting organizations. On the other hand, a secure blockchain interoperability scheme for the cross-chain transactions or data transfer must ensure immunity to man-in-the-middle (MITM) attacks, replay attacks, denial of service (DoS) attacks, and counterfeiting.
- First, our proposed scheme is based on the Elliptic Curve Discrete Logarithm Problem (ECDLP) and the Certificateless Signature Scheme to provide the security of cross-blockchain transactions, realizes the compatibility between various blockchains, and ensures the consistency, confidentiality, and integrity of data exchange in practice. The traceable digital signature ensures non-repudiation of transactions and greatly reduces the possibility of MITM attacks, replay attacks, DoS attacks, and counterfeiting.
- Second, we extensively surveyed and studied the major cross-blockchain approaches and related consensus mechanisms across blockchains. In addition, we have demonstrated the robustness and efficiency of our proposed secure interoperability management scheme through the formal security analysis and performance evaluation and vulnerability discussion of web3 used in our implementation. These results demonstrate the feasibility of our proposed management scheme and show our contribution to the development of research for cross-blockchain transactions.
2. Related Work
3. Preliminaries
- Setup: This phase is executed by a trusted third party (TTP), such as a Trusted System Authority (TSA) or a trusted Key Generation Center (KGC). A TTP produces the master private key , using a random number as the security parameter , and then uses the master private key to generate the master public key, . Lastly, it transmits the master public key and a list of public system parameters, , to all system users.
- PartialPrivateKeyExtract: TTP takes the user i’s identity, , the master secret key , and as input, and outputs a partial secret key, , for the user i.
- SetSecretValue: The user i inputs the user i’s partial private key, , the system parameter params, and randomly selects a value as his/her secret. Later, the user i generates a complete private key, , which only the user knows.
- SetPublicKey: In this phase, the user i outputs his/her public key, , using and the secret value of the user.
- Sign: This phase takes the message, m, master public key, , the user i’s private key, , his/her identity, , and as input, and outputs a signature on m.
- Verify: This phase takes the master public key, , the user i’s partial private key, , , the message, m, and the signature as inputs, and returns 1 for a valid output; otherwise, it returns 0.
4. The Proposed Scheme
- Setup (Figure 2):
- Once the transaction launcher asks for a cross-blockchain transaction, blockchain sends a transaction request to blockchain . When blockchain receives a transaction request from the relay chain, it selects a security parameter, , based on the ECDLP, generates a group, , of elliptic curve points of prime order , and determines a generator, , of .
- Then, blockchain chooses a secure hash function [25], and securely shares with all members of .
- After that, member chooses a private key, , and calculates a public key, . Finally, publishes and keeps securely.
- Partial Private Key Extract (Figure 2):
- Given , , and the public identity, , of the producer, , generates a random number, , and calculates , , and mod n.
- Then, returns a partial private key to the producer, , who checks the validity of on the basis of whether the two computed values, i.e., and , are equal or not, where and are publicly known, and is computed.
- Set Secret Value (Figure 2):
- After the producer, , confirms the validity of , the producer, , sends to member of blockchain .
- immediately chooses a private key, and calculates a public key, .
- Next, generates a random number, , and calculates , , and mod n.
- Then, outputs a partial private key to the producer, . Once is received, checks the validity of the values with the equation . If the equation holds, the producer, , updates the public .
- Set Public Key (Figure 2):The producer, , picks a random number, , as its secret value. Given and , the producer, , computes as its public key.
- Sign (Figure 3):Given , , and a transaction, , involved with members and , the producer, , generates a signature for via the following computations:
- Choose a random number, .
- Compute , , and mod n. Note that is the signature contained in the last valid block generated in a legitimate manner and adopted by the relay chain.
- Output as the signature of the transaction, .
- Verify (Figure 4):Given , , , , and , the verifier examines the validity of via the following computations:
- Compute , , and , where and can be obtained by inquiry through the relay chain.
- Determine if hold. The correctness of the signature, , is presented as follows:
5. Performance and Security Analysis
5.1. Performance Evaluation of the Proposed Interoperability Management Scheme for Cross-Chain Transactions
- Phase P1 models the private chain choosing a security parameter in the initial stage of the blockchain. Then, it exploits the elliptic curve discrete logarithm problem (ECDLP) to generate a secure hash function, , with the SHA3-256 algorithm, and securely shares it with all members of A via a smart contract. The above processes are referred to as phase P1. According to our implementation, it requires 10.601 s for the mining procedure, and the computation cost of core security components and smart contract uploading was 7.318 ms.
- Phase P2 models the following processes. First, the producer sends its ID to the private chain . Private chain then uses the elliptic curve Diffie–Hellman (ECDH) algorithm to generate a shared key, , with the producer’s ID and the private chain ’s private key. Next, by deploying a smart contract on chain , a transaction,, is generated, and is sent to the producer with the transaction. The above processes are represented as phase P2. Based on our implementation, we obtained an average mining time of 10.592 s, and the computation cost of core security components and smart contract uploading was 150.955 ms for P2.
- In phase P3, the producer validates , and sends a success (or failure) acknowledgment to chain . Then, the producer transmits the smart contract, which stores chain ’s public key and secure hash function, H, to private chain . In this phase, we achieved an average mining cost of 10.441 s, and the computation cost of core security components and smart contract uploading was 152.218 ms for P3.
- For phase P4, private chain exploits the ECDH algorithm to generate a shared key, , using the producer’s ID and its private key. After that, by deploying a smart contract on chain , a transaction, , is generated, and is sent to the producer with the transaction. On average, a mining time of 20.32 s is required, and the computation cost of core security components and smart contract uploading was 22.085 ms for P4.
- For phase P5, the producer validates , and sends a success (or failure) acknowledgment to chain . Then, the producer issues a digital signature on the transaction. Note that the digital signature scheme is the Elliptic Curve Digital Signature Algorithm (ECDSA). In our implementation, an average mining time of 10.446 s was required, and the computation cost of core security components and smart contract uploading was 23.881 ms for P5.
- Phase P6 represents the producer’s return of the signature of the cross-chain transaction to the two private chains, whereupon the private chain’s verification of the signature occurs. The experimental results show that the computation time of core security components from sending the signature to uploading the smart contract to the two private chains required 269.367 ms, and a mining time of 20.32 s was required, on average.
5.2. Security Analysis
- This oracle allows Ad to launch a session, , of the process of our proposed scheme and get back a session identifier .
- This oracle allows Ad to send a message, , to any given node, , and get back response from session .
- This oracle models a passive attack by allowing Ad to eavesdrop and gain reading access to the message, , exchanged between and in session .
- This oracle models an active attack by allowing Ad to interrupt and modify the message, , exchanged between and in session .
5.3. Discussion on Security Issues with the Adoption of Web3 in Our Implementation
6. Conclusions
Author Contributions
Funding
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- Nakamoto, S. Bitcoin: A Peer-to-Peer Electronic Cash System. 2008. Available online: https://bitcoin.org/bitcoin.pdf (accessed on 20 October 2022).
- Khatal, S.; Rane, J.; Patel, D.; Patel, P.; Busnel, Y. FileShare: A Blockchain and IPFS Framework for Secure File Sharing and Data Provenance. In Advances in Machine Learning and Computational Intelligence; Springer: Singapore, 2021; pp. 825–833. [Google Scholar]
- Agbo, C.C.; Mahmoud, Q.H.; Eklund, J.M. Blockchain technology in healthcare: A systematic review. Healthcare 2019, 7, 56. [Google Scholar] [PubMed] [Green Version]
- Saberi, S.; Kouhizadeh, M.; Sarkis, J.; Shen, L. Blockchain technology and its relationships to sustainable supply chain management. Int. J. Prod. Res. 2019, 57, 2117–2135. [Google Scholar] [CrossRef] [Green Version]
- Gao, Y.; Pan, Q.; Liu, Y.; Lin, H.; Chen, Y.; Wen, Q. The Notarial Office in E-government: A Blockchain-Based Solution. IEEE Access 2021, 9, 44411–44425. [Google Scholar] [CrossRef]
- Zamyatin, A.; Harz, D.; Lind, J.; Panayiotou, P.; Gervais, A.; Knottenbelt, W. XCLAIM: Trustless, Interoperable, Cryptocurrency-Backed Assets. In Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 19–23 May 2019; pp. 193–210. [Google Scholar]
- Buterin, V. Chain Interoperability; R3 Research Paper; IEEE: Manhattan, NY, USA, 2016. [Google Scholar]
- Hope-Bailie, A.; Thomas, S. Interledger: Creating a Standard for Payments. In Proceedings of the 25th International Conference Companion on World Wide Web, Montréal, QC, Canada, 11–15 April 2016; pp. 281–282. [Google Scholar]
- Chow, J. Btc Relay. 2016. Available online: https://buildmedia.readthedocs.org/media/pdf/btc-relay/latest/btc-relay.pdf (accessed on 20 October 2022).
- Kwon, J.; Buchman, E. Cosmos Whitepaper. 2020. Available online: https://cosmos.network/resources/whitepaper (accessed on 15 June 2021).
- Wood, G. Polkadot: Vision for a Heterogenous Multi-Chain Framework. November 2016. Available online: https://polkadot.network/PolkaDotPaper.pdf (accessed on 15 June 2021).
- Poon, J.; Dryja, T. The Bitcoin Lightning Network: Scalable Off-Chain Instant Payments. 2016. Available online: https://www.bitcoinlightning.com (accessed on 20 October 2022).
- Egger, C.; Moreno-Sanchez, P.; Maffei, M. Atomic multi-channel updates with constant collateral in Bitcoin-compatible payment-channel networks. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, (CCS), London, UK, 11–15 November 2019; pp. 801–815. [Google Scholar]
- Jin, H.; Dai, X.; Xiao, J. Towards a Novel Architecture for Enabling Interoperability amongst Multiple Blockchains. In Proceedings of the 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS), Vienna, Austria, 2–6 July 2018; pp. 1203–1211. [Google Scholar]
- Li, D.; Liu, J.; Tang, Z.; Wu, Q.; Guan, Z. AgentChain: A Decentralized Cross-Chain Exchange System. In Proceedings of the 2019 18th IEEE International Conference On Trust, Security And Privacy in Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), Rotorua, New Zealand, 5–8 August 2019; pp. 491–498. [Google Scholar]
- Pang, Y. A new consensus protocol for blockchain interoperability architecture. IEEE Access 2020, 8, 153719–153730. [Google Scholar] [CrossRef]
- Wu, Z.; Xiao, Y.; Zhou, E.; Pei, Q.; Wang, Q. A Solution to Data Accessibility Across Heterogeneous Blockchains. In Proceedings of the 2020 IEEE 26th International Conference on Parallel and Distributed Systems (ICPADS), Hong Kong, 2–4 December 2020; pp. 414–421. [Google Scholar]
- Qiao, R.; Luo, X.-Y.; Zhu, S.-F.; Liu, A.-D.; Yan, X.-Q.; Wang, Q.-X. Dynamic Autonomous Cross Consortium Chain Mechanism in e-Healthcare. IEEE J. Biomed. Health Inform. 2020, 24, 2157–2168. [Google Scholar] [PubMed]
- Wang, G.; Nixon, M. InterTrust: Towards an Efficient Blockchain Interoperability Architecture with Trusted Services. In Proceedings of the 2021 IEEE International Conference on Blockchain (Blockchain), Melbourne, Australia, 6–8 December 2021; pp. 150–159. [Google Scholar] [CrossRef]
- Li, Y.; Liu, H.; Tan, Y. POLYBRIDGE: A Crosschain Bridge for Heterogeneous Blockchains. In Proceedings of the 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), Shanghai, China, 2–5 May 2022; pp. 1–2. [Google Scholar] [CrossRef]
- Zhang, L.; Ge, Y. Identity Authentication Based on Domestic Commercial Cryptography with Blockchain in the Heterogeneous Alliance Network. In Proceedings of the 2021 IEEE International Conference on Consumer Electronics and Computer Engineering (ICCECE), Guangzhou, China, 15–17 January 2021; pp. 191–195. [Google Scholar] [CrossRef]
- Cao, L.; Song, B. Blockchain cross-chain protocol and platform research and development. In Proceedings of the 2021 International Conference on Electronics, Circuits and Information Engineering (ECIE), Zhengzhou, China, 22–24 January 2021; pp. 264–269. [Google Scholar] [CrossRef]
- Sober, M.; Scaffino, G.; Spanring, C.; Schulte, S. A Voting-Based Blockchain Interoperability Oracle. In Proceedings of the 2021 IEEE International Conference on Blockchain (Blockchain), Melbourne, Australia, 6–8 December 2021; pp. 160–169. [Google Scholar] [CrossRef]
- Huang, X.; Mu, Y.; Susilo, W.; Wong, D.S.; Wu, W. Certificateless signature revisited. Lect. Notes Comput. Sci. 2007, 4586, 308–322. [Google Scholar]
- SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, FIPS 202. August 2015. Available online: http://dx.doi.org/10.6028/NIST.FIPS.202 (accessed on 15 June 2021).
- Bouncy Castle Crypto APIs. Available online: https://www.bouncycastle.org/ (accessed on 15 June 2021).
- Snyk—Web3 Vulnerabilities. Available online: https://snyk.io/vuln/npm:web3 (accessed on 8 November 2022).
Approaches | Decentralization | Trustworthy | Cross-Blockchain Consensus |
---|---|---|---|
XCLAIM [6] | Yes | Yes | Consensus verification depends on the consensus mechanism that supports the use of the blockchain, and the relay chain can adjust the verification method according to the consensus used by different participants. |
Interledger [8] | No | No | Not the cross-blockchain consensus mechanism, but a technical protocol for cross-chain value transfer. When all participants reach a consensus on funds through intermediaries, they can trade. |
BTC Relay [9] | Yes | Yes | The consensus of Bitcoin is required for block header transfer. |
Cosmos [10] | Yes | Yes | A certain number of signatures are required for the transfer of block headers. Safety issues due to the lack of guarantees surrounding atomic behavior. |
Polkadot [11] | Yes | Yes | Parachains use the shared consensus technique to share the relay chain consensus. |
Lightning Network [12] | Yes | Yes | Not the cross-blockchain consensus mechanism, but a 2-layer payment protocol that works on the blockchain (primarily for Bitcoin). |
Egger et al. [13] | Yes | Yes | Not the cross-blockchain consensus mechanism, but they propose a protocol for atomic multi-channel updates (AMCU), and simplified collateral compatible with Bitcoin (and other cryptocurrencies with reduced scripting capabilities). |
Jin et al. [14] | - | - | Not the cross-blockchain consensus mechanism, but they reinterpret the consensus protocol in the context of cross-blockchain interaction as a verification protocol. |
Li et al. [15] | Yes | Yes | Consensus is based on multi-signatures signed by transaction operators, and the system will only confirm cross-chain programs if the number of valid signatures exceeds a preset threshold ratio. |
Pang [16] | Yes | Yes | A new consensus protocol, Multi-tokens Proof of Stake (MPoS), for blockchain interoperability architecture, which can reinforce the token network effects in cross-chain ecosystems and grow the user base of parachains exponentially. |
Wu et al. [17] | Yes | Yes | A message-oriented verification consensus, and a common framework for cross-blockchain communication based on a cyclical committee rotation mechanism to support the exchange of information for various transactions across multiple heterogeneous blockchain systems. |
Qiao et al. [18] | Yes | Yes | The consensus as a threshold digital signature process with multiple privileged subgroups. |
Wang and Nixon [19] | Yes | Yes | The proposed InterTrust scheme has an atomic cross-chain communication protocol, a threshold signature scheme, and a trusted hardware design, and thus can provide consistency, verifiability, and trusted services in the target blockchain systems. |
Li et al. [20] | Yes | Yes | The proposed PolyBridge scheme is based on a PolyChain architecture and a web application implementation, enabling communications among existing blockchain platforms with various consensus models and atomicity. |
Zhang and Ge [21] | No | No | The proposed scheme adopts various cryptographic techniques, i.e., SM2, SM3, SM4, SM9, and ZUC, verified by China to satisfy the security functionalities such as encryption, decryption, signature, and verification of cross-chain transactions. |
Cao and Song [22] | Yes | Yes | An implementation is presented with several techniques, such as atomic swaps, Schnorr protocol, and smart contract, to guarantee distributed asynchronous transactions among blockchain networks with appropriate system efficiency, throughput, and scalability. |
Sober et al. [23] | Yes | Yes | The proposed scheme integrates the voting-based signatures into blockchain interoperability to support that communicating nodes can generate a distributed private key to execute an off-chain aggregation mechanism, and further achieve interoperability among various blockchains. |
Our Proposed Scheme | Yes | Yes | A secure interoperability management scheme that can be interpreted as the new consensus of cross-blockchain transactions relies on digital signatures with certificateless signature primitives to ensure the security and traceability of cross-blockchain transactions. |
Notation | Description |
---|---|
blockchains | |
relay chain | |
, | member of blockchain or |
A transaction, , involved with and | |
A producer, , who is responsible for generating a block corresponding to inside . | |
A security parameter based on the ECDLP | |
A secure hash function | |
, | Private keys |
, , | Public keys , |
The public identity, , of | |
, , | Random numbers |
The signature contained in the last valid block generated in a legitimate manner and adopted by the relay chain. | |
The signature of |
Item | Description |
---|---|
VM Resources | Intel i9-10900 Processor, ADATA 32 GB 2633 MHz DDR4 RAM, ADATA 500 GB M.2 SSD |
Software Platform | Windows 10 64-Bit, Ethereum, Go 1.8.9, Solidity 4.2.26, Remix IDE, Web3.js 1.5.0, Oracle Java 11, Eclipse 3.8 with Open JDK, Geth 1.10.2 with puppet, Bouncy Castle library [18] for Java |
Phase | Process | ms | Percentage |
---|---|---|---|
P1 | Generate, | 1.317 | 0.21% |
Uploadandto the SC * | 6.001 | 0.96% | |
Computation Time of P1 | 7.318 | 1.17% | |
P2 | Generate | 1.263 | 0.2% |
Compute,, and | 44.583 | 7.12% | |
Compute | 56.099 | 8.97% | |
Compute | 43.01 | 6.87% | |
Upload,, andto the SC * | 6 | 0.96% | |
Computation Time of P2 | 150.955 | 24.12% | |
P3 | Generateand | 3.006 | 0.48% |
Compute,, and | 44.584 | 7.12% | |
Compute | 56.589 | 9.04% | |
Compute | 42.039 | 6.72% | |
Upload,, andto the SC * | 6 | 0.96% | |
Computation Time of P3 | 152.218 | 24.32% | |
P4 | Generate | 1.263 | 0.2% |
Compute | 14.845 | 2.37% | |
Uploadto the SC * | 5.977 | 0.96% | |
Computation Time of P4 | 22.085 | 3.53% | |
P5 | Generate | 1.265 | 0.2% |
Compute,, and | 16.615 | 2.66% | |
Upload,, andto the SC * | 6.001 | 0.96% | |
Computation Time of P5 | 23.881 | 3.82% | |
P6 | Compute | 0.315 | 0.05% |
Compute | 0.329 | 0.05% | |
Compute | 0.343 | 0.06% | |
Compute | 102.668 | 16.41% | |
Compute | 159.711 | 25.52% | |
Upload,, andto the SC * | 6.001 | 0.96% | |
Computation Time of P6 | 269.367 | 43.04% | |
Total Computation Time | 625.824 | 100% |
Phase | Mining Cost/per | Computation Cost/per |
---|---|---|
P1 | 10.601 s | 7.318 ms |
P2 | 10.592 s | 150.955 ms |
P3 | 10.441 s | 152.218 ms |
P4 | 20.32 s | 22.085 ms |
P5 | 10.446 s | 23.881 ms |
P6 | 24.811 s | 269.367 ms |
Total Cost | 87.211 s | 625.824 ms |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Yeh, K.-H.; Yang, G.-Y.; Butpheng, C.; Lee, L.-F.; Liu, Y.-H. A Secure Interoperability Management Scheme for Cross-Blockchain Transactions. Symmetry 2022, 14, 2473. https://doi.org/10.3390/sym14122473
Yeh K-H, Yang G-Y, Butpheng C, Lee L-F, Liu Y-H. A Secure Interoperability Management Scheme for Cross-Blockchain Transactions. Symmetry. 2022; 14(12):2473. https://doi.org/10.3390/sym14122473
Chicago/Turabian StyleYeh, Kuo-Hui, Guan-Yan Yang, Chanapha Butpheng, Lin-Fa Lee, and Ying-Ho Liu. 2022. "A Secure Interoperability Management Scheme for Cross-Blockchain Transactions" Symmetry 14, no. 12: 2473. https://doi.org/10.3390/sym14122473