Z. Shi
Please Note
5 records found
1
Inject Less, Recover More
Unlocking the Potential of Document Recovery in Injection Attacks Against SSE
Searchable symmetric encryption has been vulnerable to inference attacks that rely on uniqueness in leakage patterns. However, many keywords in datasets lack distinctive leakage patterns, limiting the effectiveness of such attacks. The file injection attacks, initially proposed by Cash et al. (CCS 2015), have shown impressive performance with 100% accuracy and no prior knowledge requirement. Nevertheless, this attack fails to recover queries with underlying keywords not present in the injected files. To address these limitations, our research introduces a novel attack strategy called LEAP-Hierarchical Fusion Attack (LHFA) that combines the strengths of both file injection attacks and inference attacks. Before initiating keyword injection, we introduce a new approach for inert/active keyword selection. In the phase of selecting injected keywords, we focus on keywords without unique leakage patterns and recover them, leveraging their presence for document recovery. Our goal is to achieve an amplified effect in query recovery. We demonstrate a minimum query recovery rate of 1.3 queries per injected keyword with a 10% data leakage of a real-life dataset, and initiate further research to overcome challenges associated with non-distinctive keywords.
From CoWs to Multi-Chain AMMs
A Strategic Optimization Model for Enhancing Solvers
In the rapidly evolving decentralized finance (DeFi) ecosystem, ensuring efficient and interoperable transaction mechanisms is a critical challenge. To address this issue, this paper introduces a strategic optimization model for a blockchain-based token exchange platform. By leveraging the principles of Coincidence of Wants (CoWs) and multi-chain Automated Market Makers (AMMs), our model enhances interoperability and efficiency of token exchange in the DeFi space. Users specify their transaction intents and solvers compete to find the most efficient execution pathways, considering factors such as available liquidity and market constraints. This approach not only facilitates seamless cross-chain transaction flows, but also optimizes the efficiency of existing solvers and reduces the reliance on centralized mechanisms. To validate the effectiveness of the proposed model, we conducted extensive simulation experiments assessing the model's performance with various order inputs and AMM constraints. The results show that our optimization model significantly increases the transaction completion rate. This improvement ranges from 26.1 % to 46.1 % compared to the CoWs-only model under different experimental settings. This enhances user welfare and market fairness. The proposed optimization model has broad applicability to efficient and interoperable cross-chain token transactions. Thus, it has a significant potential impact on the DeFi landscape.
Operating ZKPs on Blockchain
A Performance Analysis Based on Hyperledger Fabric
This paper introduces the Biometrics Data Space framework, which is a secure ecosystem built on Data Spaces technology and it is designed to address the challenges of suspect identification during cross-border crime investigation. Apart from Data Spaces technology, the proposed framework innovates by leveraging also Privacy Enhancing Technologies (PETs) and blockchain to enable secure, trustworthy, and sovereign data exchange between Law Enforcement Agencies (LEAs) across borders. Specifically, it utilizes advanced PETs, including Large-Scale Biometric Data Indexing based on deep hashing techniques and Homomorphic Encryption to allow for suspect identification without disclosing sensitive information of personal biometric data. Thus, it enables LEAs to securely compare and exchange encrypted sensitive biometric data, including facial images, fingerprints and voiceprints, while maintaining data privacy and data sovereignty. LEAs define the usage rules for the biometic data they own and these rules are enforced to and respected by the other LEAs participating in the Biometrics Data Space. The proposed architecture is designed to be scalable, allowing the incorporation of additional biometric modalitiies and the easy expansion and integration with new participant LEAs.
The emergence of blockchain technologies has created the possibility of transforming business processes in the form of immutable agreements called smart contracts. Smart contracts suffer from a major limitation; they cannot authenticate the trustworthiness of real-world data sources, creating the need for intermediaries called oracles. Oracles are trusted entities that connect on-chain systems with off-chain data, allowing smart contracts to operate on real-world inputs in a trustworthy manner. A popular oracle protocol is a crowdsourced oracle, where unrelated individuals attest to facts through voting mechanisms in smart contracts. Crowdsourced oracles have unique challenges: the trustworthiness and correctness of outcomes cannot be explicitly verified. These problems are aggravated by inherent vulnerabilities to attacks, such as Sybil attacks. To address this weakness, this paper proposes a reputation-based mechanism, where oracles are given a reputation value depending on the implied correctness of their actions over time. This reputation score is used to eliminate malicious agents from the participant pool. Additionally, two reputation-based voting mechanisms are proposed. The effectiveness of the proposed mechanism is evaluated using an agent-based simulation of a crowdsourced oracle platform, where a pool of oracles performs evaluate Boolean queries.