区块链长延时协议技术研究

1、1区块链长延时协议技术研究Analysis of the Blockchain Protocol with Long Delays Nakamotos blockchainBitcoinDecentralized payment systemLedger maintained by the public in a decentralized mannerAttractive propertiesDecentralization, Pseudonymity, Robustness BlockchainChain-structured ledger maintained by all the pa

2、rticipants (miners)2 Nakamotos blockchainBlockchainBasic security requirementAll the miners maintain the same recordAchieve consensus in the permissionless settingB1B2B3B1B2B3B1B2B3permissionlessanyone can join (or leave) the protocol execution3 Nakamotos blockchainProof of work (PoW)Solve a “crypto

3、graphic puzzle”Bitcoin Backbone Protocol GKL15 blockchain C=(!, !$, , !&)block!( = (,$, -(, .( , ()( = /(,$|-(| .( , s. t. ( DH(h |-? 6h0 m1 r1Block 1h1 m2 r2Block 24 Nakamotos blockchainProof of work (PoW)Integrity:More difficult for the adversary to modify the chainSynchronism:help the distributed

4、 miners to synchronizeSlowdown the generation of blocksLongest chain ruleH(h |? %5 Nakamotos blockchainCommon prefixChain growthChain qualitySecurityGaray, Kiayias and Leonardos GKL15 provide a rigorous analysis of blockchain protocolSynchronous modelPass, Seeman and shelat PSS17 analyze the securit

5、y in an asynchronous network with a-priori bounded delayAsynchronous modelWhy consider the delay?6 Blockchain protocol with delays7Bitcoin P2P networkDelays are inevitableNew blockThe propagation delay in the network is the primary cause for blockchain forks DW13Decker and WattenhoferInformation pro

6、pagation in the bitcoin network (2013) Blockchain protocol with delaysResults PSS17,0/1Chain growth: (,-.)/,where 2 *+Consistency: 4 with probability 1 *789(4)Chain quality:1 (1 + ;) 1 ./(1 + 2)For TreeMC with common prefix of depth d-T1 ./ 1 + 2520 Long Delay Attack on Common PrefixConcrete attack

7、on the common prefix of TreeMCwhen and are “too” large relative to a fixed TGoal of attack: increase the length of the two branches by T21 Long Delay Attack on Common PrefixWith inappropriate parameters, adversaries without any hash power can threaten the commonprefix propertyFor = 0.8 and T = 6, th

8、e success probability increases as gets larger.the success probability grows much faster when 60 (10 min). When 120 (20 min), the success probability can reach about 1%.22Corrupted miner setting?23 Corrupted miner settingThe adversary can corrupt some miners and have certain fraction of the total co

9、mputational powerCommon prefixChain growthChain quality24 Security proof in corrupted miners settingChain growthCommon prefixChain qualityConsecutive blocks cannot be mined by the same miner25 Security proof in corrupted miners settingMain ideaprove that the rate of mining by corrupted miners is slower than the rate of converge with overwhelming probability26 PublicationsPuwen Wei, Quan Yuan and Yuliang Zheng. Security of the blockchain against long delay attack. In: Advances in Cryptology ASIACRYPT 2018.Quan Yuan, Puwen Wei, Keting Jia and Haiyang Xue. Analysis of the bloc