Announcements Guest speaker next Monday No office hours on Monday - - PowerPoint PPT Presentation

Announcements: Guest speaker next Monday. No office hours on Monday. Extra office hours next Wednesday, noon-1pm. Cryptocurrencies & Security on the Blockchain: Storage and the Blockchain. Prof. Tom Austin, San José State University


slide-1
SLIDE 1

Announcements

  • Guest speaker next Monday
  • No office hours on Monday

    – Extra office hours next Wednesday, noon-1pm

slide-2
SLIDE 2

Cryptocurrencies & Security on the Blockchain

  • Prof. Tom Austin

San José State University

Storage and the Blockchain

slide-3
SLIDE 3

Storage and the Blockchain

  • Storage for consensus
  • Storage as a byproduct
  • Dropbox on the blockchain
  • Off-chain storage
slide-4
SLIDE 4

Dimensions of Storage Proving Schemes

  • Publicly verifiable
  • Retrievable
  • Zero-knowledge
  • Useful
  • Dynamically updateable
slide-5
SLIDE 5

Verifying Storage

  • What knowledge is needed?
  • Who can we trust?

    – Miners?
    – Storage providers?
    – Clients?

slide-6
SLIDE 6

Review: Merkle Trees

            MR
          /    \
        H1      H2
       /  \    /  \
    H(A) H(B) H(C) H(D)
     |    |    |    |
     A    B    C    D

H1 = H(H(A),H(B))
H2 = H(H(C),H(D))
MR = H(H1,H2) (Merkle root)

slide-7
SLIDE 7

Using Merkle Trees for Storage

  • Merkle root of data is known
  • Challenger requests specific block(s)
  • Attacker provides Merkle Proof

– Pieces needed to reconstruct Merkle root

slide-8
SLIDE 8

Merkle Trees for Storage Proofs

[Diagram: the same Merkle tree over blocks A, B, C, D, with leaf hashes H(A), H(B), H(C), H(D), interior nodes H1 and H2, and root MR]

Merkle proof for block B:

  • Block B
  • H(A)
  • H2
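
Added example (not from the slides): the challenge and response above in Python, with SHA-256 standing in for H and the sample blocks constructed. The helper names `merkle_levels`, `make_proof` and `verify` are choices made here.

```python
import hashlib

def H(*parts: bytes) -> bytes:
    """The slides' H: SHA-256 over the concatenated arguments."""
    return hashlib.sha256(b"".join(parts)).digest()

def merkle_levels(blocks):
    """All tree levels, leaf hashes first, [root] last."""
    if not blocks or len(blocks) & (len(blocks) - 1):
        raise ValueError("this sketch needs a power-of-two block count")
    levels = [[H(b) for b in blocks]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([H(prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels

def make_proof(blocks, index):
    """Prover: the sibling hash at each level, from leaf up to the root."""
    proof = []
    for level in merkle_levels(blocks)[:-1]:
        sibling = index ^ 1
        proof.append((level[sibling], sibling < index))  # (hash, is_left)
        index //= 2
    return proof

def verify(root, block, proof):
    """Challenger: rebuild the root from the block plus the siblings."""
    node = H(block)
    for sibling, is_left in proof:
        node = H(sibling, node) if is_left else H(node, sibling)
    return node == root

# Constructed sample data matching the slide: four blocks A, B, C, D.
BLOCKS = [b"A", b"B", b"C", b"D"]
ROOT = merkle_levels(BLOCKS)[-1][0]
PROOF_B = make_proof(BLOCKS, 1)       # [(H(A), left), (H2, right)]

if __name__ == "__main__":
    print("honest proof accepted:", verify(ROOT, b"B", PROOF_B))
    print("wrong block accepted: ", verify(ROOT, b"X", PROOF_B))
```

Deployed trees usually hash leaves and interior nodes with distinct prefixes (RFC 6962 uses 0x00 and 0x01) so that an interior node cannot be presented as a data block; the slide's plain H(H(A),H(B)) form is kept here.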
slide-9
SLIDE 9

Spacemint: Storage for Consensus

  • Data only useful for consensus
  • Miners invest disk space (PoSpace)
  • Motivation

    – Minimal computation
    – Egalitarian

slide-10
SLIDE 10

Archival Storage

slide-11
SLIDE 11

Permacoin: Useful, incidental storage

  • Storage of archival data
  • Miller et al. 2014
  • Proof-of-work (PoW) and proof-of-retrievability (PoRet)
    – Solve proof-of-retrievability
    – Solution feeds into PoW puzzle

slide-12
SLIDE 12

Permacoin Process

(taken from https://www.youtube.com/watch?v=gIJim7JKW_M )

  • 1. Setup – archival file is erasure coded
  • 2. Users generate keypairs
  • 3. Miners look for solutions
    – Requires locally storing data

slide-13
SLIDE 13

"Puzzle Solving"

Bitcoin puzzle solving:

– H(puz||pk||r) < target

Permacoin solves 2 puzzles (in sequence):

  • 1. H(puz||pk||r) selects blocks to reveal
  • 2. H(puz||pk||r||dataBlks) < target

If data is not stored, 1st solution found is useless.
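
Added example (not from the slides or from Permacoin's code): a simplified Python sketch of the two chained puzzles, using SHA-256 for H. The block-selection rule, the archive, `puz`, `pk` and the target are constructed, and the verifier is assumed to hold the whole archive.

```python
import hashlib

def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def challenge(puz, pk, r, n_blocks, k=3):
    """Puzzle 1: H(puz||pk||r) selects the k block indices to reveal."""
    seed = H(puz, pk, r)
    return [int.from_bytes(H(seed, bytes([j])), "big") % n_blocks
            for j in range(k)]

def ticket(puz, pk, r, data_blks):
    """Puzzle 2: H(puz||pk||r||dataBlks) as an integer, compared to target."""
    return int.from_bytes(H(puz, pk, r, *data_blks), "big")

def mine(puz, pk, stored, n_blocks, target, max_tries=20_000):
    """stored maps block index -> bytes the miner actually holds."""
    for nonce in range(max_tries):
        r = nonce.to_bytes(8, "big")
        idx = challenge(puz, pk, r, n_blocks)
        if any(i not in stored for i in idx):
            continue              # 1st solution is useless without the data
        blks = [stored[i] for i in idx]
        if ticket(puz, pk, r, blks) < target:
            return r, blks
    return None

def verify(puz, pk, r, blks, archive, target):
    """Verifier holding the archive (a simplification) rechecks both puzzles."""
    idx = challenge(puz, pk, r, len(archive))
    return ([archive[i] for i in idx] == list(blks)
            and ticket(puz, pk, r, blks) < target)

# Constructed sample values; none come from Permacoin itself.
ARCHIVE = [bytes([i]) * 32 for i in range(16)]
PUZ, PK = b"prev-block-hash", b"miner-public-key"
TARGET = 1 << 248                  # about 1 in 256 nonces wins

if __name__ == "__main__":
    full = dict(enumerate(ARCHIVE))
    r, blks = mine(PUZ, PK, full, len(ARCHIVE), TARGET)
    print("storing miner wins:", verify(PUZ, PK, r, blks, ARCHIVE, TARGET))
    print("empty miner:", mine(PUZ, PK, {}, len(ARCHIVE), TARGET))
```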

slide-14
SLIDE 14

Forcing Local Storage

  • Goal: prevent outsourcing of storage.
  • Solution: modify previous approach to include a signing step.
    – Related to non-outsourceable puzzles.
  • Miner then must choose:
    – Share data and keys with the 3rd party
        • Keys could be stolen
    – Store data remotely, but keys locally
    – Store data and keys locally

slide-15
SLIDE 15

Economics of Permacoin Mining

(taken from https://www.youtube.com/watch?v=gIJim7JKW_M )

slide-16
SLIDE 16

Dropbox on the Cloud

slide-17
SLIDE 17

Filecoin

  • Incentive layer for IPFS
  • Storage market

    – Guarantees data is stored
    – Very slow, by design

  • Retrieval market

    – Caches frequently requested data
    – Offers CDN functionality
    – (Details a little murky)

slide-18
SLIDE 18

InterPlanetary File System (IPFS)

  • Content-addressable storage

–Hash of data serves as its ID

  • Peer-to-peer
  • Used in Catalan independence referendum

slide-19
SLIDE 19

Attacks

  • Outsourcing
  • Generation
  • Sybils (or collusion)
slide-20
SLIDE 20

Review: Cipher Block Chaining (CBC)

  • Block – data chunk cipher encrypts

–No relation to blockchain blocks

  • C_0 = E(IV ⊕ P_0, K)
    C_i = E(C_{i-1} ⊕ P_i, K) ∀i. i>0
  • P_0 = IV ⊕ D(C_0, K)
    P_i = C_{i-1} ⊕ D(C_i, K) ∀i. i>0

slide-21
SLIDE 21

CBC Encryption

[Diagram: IV and plaintext blocks P0, P1, P2 produce ciphertext blocks C0, C1, C2; each stage is "XOR then encrypt"]

slide-22
SLIDE 22

CBC Decryption

[Diagram: IV and ciphertext blocks C0, C1, C2 produce plaintext blocks P0, P1, P2; each stage is "Decrypt then XOR"]

slide-23
SLIDE 23

Can encryption be parallelized?

Can decryption be parallelized?
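
Added example (not from the slides): the CBC equations from the review slide in Python, showing that encryption is a sequential chain while each plaintext block can be recovered independently. E and D are a toy Feistel construction built for this illustration, and the key, IV and blocks are constructed.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(half, key, i):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]

def E(block, key):
    """Toy 16-byte Feistel cipher standing in for E; not a real cipher."""
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, xor(l, _f(r, key, i))
    return l + r

def D(block, key):
    """Inverse of E: undo the four rounds in reverse order."""
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(l, key, i)), l
    return l + r

def cbc_encrypt(plain, key, iv):
    """C_i = E(C_{i-1} xor P_i, K): each step waits for the previous one."""
    cipher, prev = [], iv
    for p in plain:
        prev = E(xor(prev, p), key)
        cipher.append(prev)
    return cipher

def cbc_decrypt_block(cipher, i, key, iv):
    """P_i = C_{i-1} xor D(C_i, K): needs only two ciphertext blocks."""
    return xor(iv if i == 0 else cipher[i - 1], D(cipher[i], key))

def cbc_decrypt_parallel(cipher, key, iv):
    """Every block is independent, so they can be handed to a worker pool."""
    with ThreadPoolExecutor() as pool:
        return list(pool.map(lambda i: cbc_decrypt_block(cipher, i, key, iv),
                             range(len(cipher))))

# Constructed sample key, IV and plaintext; the IV is fixed only so the
# example is reproducible.
KEY, IV = b"sample-key", bytes(16)
PLAIN = [bytes([i]) * 16 for i in range(4)]
CIPHER = cbc_encrypt(PLAIN, KEY, IV)
```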

slide-24
SLIDE 24

Proof-of-replication

  • Ensure that miner is storing as many copies of a file as they claim.
  • Each copy of data must be unique
    – Ensured by sealing key
  • Miner must provide data within time limit
  • Uses modified versions of CBC mode
    – Slows down encryption

slide-25
SLIDE 25

Modified CBC Modes

  • Shuffling

– Data spread across many blocks

  • Streaming

– Each block chained to itself N times

  • Layering

– The last block is chained to the first block M times.

slide-26
SLIDE 26

CBC Encryption, Streaming Mode

[Diagram: P0, P1, P2, IV, C0, C1, C2; each stage labeled "XOR then encrypt"]

slide-27
SLIDE 27

CBC Encryption, Layering Mode

[Diagram: P0, P1, P2, IV, C0, C1, C2; each stage labeled "XOR then encrypt"]

slide-28
SLIDE 28

Proof-of-spacetime

  • Filecoin miners can also prove that they are continually storing their data.
  • Proof-of-replication determines next round of challenge.
  • Miners write these proofs to the blockchain to get paid.

slide-29
SLIDE 29