DEFCON is is one of the world's largest and most notable hacker conventions in the world. It an esoteric experience of an elusive kind. It is a daring dream to destroy the dystopian darkness of super surveillance states. Here we are presenting our passion for Blockchain Security in DEFCON 28, based on the theme - 'Preventing DDoS Attacks on Ethereum 2.0 using Verifiable Delay Function Powered Authentication Architectures'. When we teamed up together a month ago, we never ever imagined that we will march into the league of extraordinary hackers to present our beloved blockchain security models in-front of the pioneers and paragons in the security space. We are grateful to all our well wishers in Governments, Private Sector, Academic Institutions, Think Tanks, Research Organisations across the world who has inspired us to deep dive on the creative convergence of cryptography and consensus algorithms to weave this world together. Our session is part of the Block Village stream in the DEFCON 28. Please find further details of the event in the Block Village portal. https://www.blockchainvillage.net/schedule2020
#defcon2020 #defcon28 #cybersecurity #ethereum #blockvillage #blockchainsecurity #blockchainaudit
Blockchain Scalability - Architectures and AlgorithmsGokul Alex
My presentation on 'Blockchain Scalability - Architectures and Algorithms' for the TechAthena Digital Community Webinar.
Blockchain Scalability is one of the most significant concern for Minimum Viable Blockchain Implementation. It is one of the key aspects determining the relevance and feasibility of Blockchain Technology for a particular use case.This session will cover the fundamental aspects of distributed computing that determine the contours of scalability.
Subsequently, the session will outline the parameters and metrics related to Blockchain Scalability in detail. In this context, the session will deep dive into architectural and algorithmic techniques that enables a scalable Blockchain.Architectural techniques such as vertical scaling and horizontal scaling will be explained in detail. Design techniques such as State Channels, Sharding, SideChains, Off chain computations, Block Size and Time Optimization etc. will be explained.
In summary, this session will conclude with the implications and trade-off between Blockchain Scalability, Security, Simplicity and Interoperability. Looking forward to your views and thoughts !
Hackbama Presentation
Presenter: Jason Cuneo
Abstract: The revolution of blockchain centered technologies provides security practitioners with a unique opportunity to participate in shaping the future of secure networking and has the potential to redefine how organizations and society transact and determine value. The objective of this discussion is to introduce how blockchains are disrupting the status quo and how they can be used to improve the Cybersecurity landscape.
This slide is a entry level introduction to blockchain security, it illustrates the current status of the issue, summarises attack methodology, and reviewed a few past hack cases.
Blockchain technology is being touted as the Next Big Thing, seemingly capable of great feats of strength and perhaps even curing the common cold. But what exactly is it and how could it contribute to a security program? This session will describe how blockchain works, define its value proposition, and identify specific use cases where blockchain makes sense and some where it doesn't. Along the way, we will discuss similar capabilities and technologies that accomplish the objectives.
In recent times, there’s been a lot of mass traction and crazy talk that is going about the digital currency community. Many of the leading Organizations are experimenting with Blockchain Technology.
Blockchain Scalability - Themes, Tools and TechniquesGokul Alex
This presentation is a deep dive on Blockchain Scalability Challenges, Constraints with a narrative on promising techniques such as State Channel, Side Chains, Simple Payment Vehicles, Consensus Algorithms and Directed Acyclic Graphs. The presentation starts with analysing the scalability cube.
Yao Yao, Jack Rasmus-Vorrath, Ivelin Angelov
https://github.com/yaowser/basic_blockchain
https://www.slideshare.net/YaoYao44/blockchain-security-and-demonstration/
Distributed ledger technology over a network of computers, which provides an alternative to the centralized system
Distributed Database
Peer-to-Peer Transmission
Transparency with Pseudonymity
Records are immutable
Computational Logic
https://www.youtube.com/watch?v=5ArZxRdhyPc
Blockchain Scalability - Architectures and AlgorithmsGokul Alex
My presentation on 'Blockchain Scalability - Architectures and Algorithms' for the TechAthena Digital Community Webinar.
Blockchain Scalability is one of the most significant concern for Minimum Viable Blockchain Implementation. It is one of the key aspects determining the relevance and feasibility of Blockchain Technology for a particular use case.This session will cover the fundamental aspects of distributed computing that determine the contours of scalability.
Subsequently, the session will outline the parameters and metrics related to Blockchain Scalability in detail. In this context, the session will deep dive into architectural and algorithmic techniques that enables a scalable Blockchain.Architectural techniques such as vertical scaling and horizontal scaling will be explained in detail. Design techniques such as State Channels, Sharding, SideChains, Off chain computations, Block Size and Time Optimization etc. will be explained.
In summary, this session will conclude with the implications and trade-off between Blockchain Scalability, Security, Simplicity and Interoperability. Looking forward to your views and thoughts !
Hackbama Presentation
Presenter: Jason Cuneo
Abstract: The revolution of blockchain centered technologies provides security practitioners with a unique opportunity to participate in shaping the future of secure networking and has the potential to redefine how organizations and society transact and determine value. The objective of this discussion is to introduce how blockchains are disrupting the status quo and how they can be used to improve the Cybersecurity landscape.
This slide is a entry level introduction to blockchain security, it illustrates the current status of the issue, summarises attack methodology, and reviewed a few past hack cases.
Blockchain technology is being touted as the Next Big Thing, seemingly capable of great feats of strength and perhaps even curing the common cold. But what exactly is it and how could it contribute to a security program? This session will describe how blockchain works, define its value proposition, and identify specific use cases where blockchain makes sense and some where it doesn't. Along the way, we will discuss similar capabilities and technologies that accomplish the objectives.
In recent times, there’s been a lot of mass traction and crazy talk that is going about the digital currency community. Many of the leading Organizations are experimenting with Blockchain Technology.
Blockchain Scalability - Themes, Tools and TechniquesGokul Alex
This presentation is a deep dive on Blockchain Scalability Challenges, Constraints with a narrative on promising techniques such as State Channel, Side Chains, Simple Payment Vehicles, Consensus Algorithms and Directed Acyclic Graphs. The presentation starts with analysing the scalability cube.
Yao Yao, Jack Rasmus-Vorrath, Ivelin Angelov
https://github.com/yaowser/basic_blockchain
https://www.slideshare.net/YaoYao44/blockchain-security-and-demonstration/
Distributed ledger technology over a network of computers, which provides an alternative to the centralized system
Distributed Database
Peer-to-Peer Transmission
Transparency with Pseudonymity
Records are immutable
Computational Logic
https://www.youtube.com/watch?v=5ArZxRdhyPc
Welcome to the world of 'network security' which is an unavoidable term in cyber security. This white paper of Network security encompasses the most significant and predominantly used networking security concepts which are highly important for maintaining your network environment secure.
Blockchain is the currently the hottest tech buzzword. Yet is it just hype or is it that fundamental piece of tech that will it truly change the world we live in, much like the internet did 25 years ago?
This presentation initially explains the fundamentals of blockchain and how it enables a new breed of business models.
Then we will then delve into how you can have a blockchain app on Azure, followed by a demo.
The presention describes analyses Microsoft's strategy with blockchain and how they are working on enabling Azure support to a number of DLTs including Ethereum, Hyperledger Fabric, R3 Corda, Quorum and Chain Core by offering easy-to-deploy templates for these ledgers. And more importantly how Microsoft is integrating these DLTs to the existing rich Azure ecosystem to enable the building of truly scalable, distributed enterprise applications using cryptlets and the Coco Framework.
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...eraser Juan José Calderón
Blockchain for AI: Review and Open. Research Challenges
K. SALAH, M. H. REHMAN, N. NIZAMUDDIN and A. Al-Fuqaha
ABSTRACT
Recently, Artificial Intelligence (AI) and blockchain have become two of the most trending and disruptive technologies. Blockchain technology has the ability to automate payment in cryptocurrency and to provide access to a shared ledger of data, transactions, and logs in a decentralized, secure, and trusted manner. Also with smart contracts, blockchain has the ability to govern interactions among participants with no intermediary or a trusted third party. AI, on the other hand, offers intelligence and decision- making capabilities for machines similar to humans. In this paper, we present a detailed survey on blockchain applications for AI. We review the literature, tabulate, and summarize the emerging blockchain applications, platforms, and protocols specifically targeting AI area. We also identify and discuss open research challenges of utilizing blockchain technologies for AI.
The fundamental security properties of blockchain originate from both bitcoin architecture and cryptography advances. the proficiency of the cryptographic chain of blocks was advanced giving birth to various inborn security qualities.
A Deep Dive into the Interplay of Cryptographic Schemes and Algorithms powering the state of the art security models in Blockchain as manifested by the legendary Cryptocurrency Scheme Bitcoin. Presented in the IT Audit and Cybersecurity Conclave Organised by ISACA and Red Team Hacker Academy in Kochi, Kerala.
Privacy Preserving Paradigms of Blockchain TechnologyGokul Alex
A Deep Dive on Ring Signatures, Ring Confidential Transactions, Zero Knowledge Proofs, Smart Contract Obfuscation, Circular Queue, Block Matrix etc. from the Blockchain Privacy Perspective. From my session on Blockchain Security in the Blockchain 2.0 Summit organized by Clavent in Bangalore.
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...Edureka!
** Blockchain Training: https://www.edureka.co/blockchain-training **
This Edureka's Blockchain tutorial consists of the frequently asked Blockchain Interview Questions which will help you in the preparation of Blockchain Interviews. Below are the topics covered in this tutorial:
1. Blockchain Market Trends
2. General Blockchain Interview Questions
3. Advanced Blockchain Interview Questions
Here is the link to the Blockchain blog series: https://goo.gl/DPoAHR
You can also refer this playlist on Blockchain: https://goo.gl/V5iayd
Yao Yao, Jack Rasmus-Vorrath, Ivelin Angelov
https://github.com/yaowser/basic_blockchain
https://www.academia.edu/35646619/Blockchain_Security_and_Demonstration
https://www.slideshare.net/YaoYao44/blockchain-security-and-demonstration-86062973
Distributed ledger technology over a network of computers, which provides an alternative to the centralized system
Distributed Database
Peer-to-Peer Transmission
Transparency with Pseudonymity
Records are immutable
Computational Logic
https://www.youtube.com/watch?v=5ArZxRdhyPc
Privacy-preserving techniques using zero knowledge proof in public EthereumNagib Aouini
Public Blockchain technology like Ethereum is gaining interest and growing use case among startup and fintechs.
Apart from scalability issues which are going to be solved with new consensus and mining techniques (Ethereum Metropolis and Bitcoin SegWit2x with Lightning network),
privacy on transaction is still an issue which is not yet fully addressed yet. Because of the public nature of a Ethereum, many businesses are reluctant to deploy Smart-contract or Dapps solutions for fear of exposing confidential or sensitive information.
The use of zk SNARKs (zk-SNARK stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”) would essentially solve this dilemma (next EIP improvement of Ethereum called 'Byzantium' include zk SNARKS).
The idea of zk-SNARKs is that they allow verification of the correctness of computations, without a verifier having to execute those computations, or even learn what was actually executed. Using zk-SNARKs, a verifier can confirm that a computation happened correctly, with ‘zero-knowledge’ of the computation.
We propose during this talk to have a brief presentation on cryptography and theory around zero-knowledge proof algorithm.
Then we will try to showcase the benefits of zk-SNARKS and other privacy-preserving techniques (like zcash) on the public blockchain ecosystem.
I spent quite some time to digest how Blockchain works and how it can influence our everyday life in the upcoming decades. My slides focus on that from a non-IT expert point view.
I spent quite some time to digest how Blockchain works and how it can influence our everyday life in the upcoming decades. My slides focus on that from a non-IT expert point of view.
Welcome to the world of 'network security' which is an unavoidable term in cyber security. This white paper of Network security encompasses the most significant and predominantly used networking security concepts which are highly important for maintaining your network environment secure.
Blockchain is the currently the hottest tech buzzword. Yet is it just hype or is it that fundamental piece of tech that will it truly change the world we live in, much like the internet did 25 years ago?
This presentation initially explains the fundamentals of blockchain and how it enables a new breed of business models.
Then we will then delve into how you can have a blockchain app on Azure, followed by a demo.
The presention describes analyses Microsoft's strategy with blockchain and how they are working on enabling Azure support to a number of DLTs including Ethereum, Hyperledger Fabric, R3 Corda, Quorum and Chain Core by offering easy-to-deploy templates for these ledgers. And more importantly how Microsoft is integrating these DLTs to the existing rich Azure ecosystem to enable the building of truly scalable, distributed enterprise applications using cryptlets and the Coco Framework.
Blockchain for AI: Review and Open. Research Challenges K. SALAH, M. H. REHMA...eraser Juan José Calderón
Blockchain for AI: Review and Open. Research Challenges
K. SALAH, M. H. REHMAN, N. NIZAMUDDIN and A. Al-Fuqaha
ABSTRACT
Recently, Artificial Intelligence (AI) and blockchain have become two of the most trending and disruptive technologies. Blockchain technology has the ability to automate payment in cryptocurrency and to provide access to a shared ledger of data, transactions, and logs in a decentralized, secure, and trusted manner. Also with smart contracts, blockchain has the ability to govern interactions among participants with no intermediary or a trusted third party. AI, on the other hand, offers intelligence and decision- making capabilities for machines similar to humans. In this paper, we present a detailed survey on blockchain applications for AI. We review the literature, tabulate, and summarize the emerging blockchain applications, platforms, and protocols specifically targeting AI area. We also identify and discuss open research challenges of utilizing blockchain technologies for AI.
The fundamental security properties of blockchain originate from both bitcoin architecture and cryptography advances. the proficiency of the cryptographic chain of blocks was advanced giving birth to various inborn security qualities.
A Deep Dive into the Interplay of Cryptographic Schemes and Algorithms powering the state of the art security models in Blockchain as manifested by the legendary Cryptocurrency Scheme Bitcoin. Presented in the IT Audit and Cybersecurity Conclave Organised by ISACA and Red Team Hacker Academy in Kochi, Kerala.
Privacy Preserving Paradigms of Blockchain TechnologyGokul Alex
A Deep Dive on Ring Signatures, Ring Confidential Transactions, Zero Knowledge Proofs, Smart Contract Obfuscation, Circular Queue, Block Matrix etc. from the Blockchain Privacy Perspective. From my session on Blockchain Security in the Blockchain 2.0 Summit organized by Clavent in Bangalore.
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...Edureka!
** Blockchain Training: https://www.edureka.co/blockchain-training **
This Edureka's Blockchain tutorial consists of the frequently asked Blockchain Interview Questions which will help you in the preparation of Blockchain Interviews. Below are the topics covered in this tutorial:
1. Blockchain Market Trends
2. General Blockchain Interview Questions
3. Advanced Blockchain Interview Questions
Here is the link to the Blockchain blog series: https://goo.gl/DPoAHR
You can also refer this playlist on Blockchain: https://goo.gl/V5iayd
Yao Yao, Jack Rasmus-Vorrath, Ivelin Angelov
https://github.com/yaowser/basic_blockchain
https://www.academia.edu/35646619/Blockchain_Security_and_Demonstration
https://www.slideshare.net/YaoYao44/blockchain-security-and-demonstration-86062973
Distributed ledger technology over a network of computers, which provides an alternative to the centralized system
Distributed Database
Peer-to-Peer Transmission
Transparency with Pseudonymity
Records are immutable
Computational Logic
https://www.youtube.com/watch?v=5ArZxRdhyPc
Privacy-preserving techniques using zero knowledge proof in public EthereumNagib Aouini
Public Blockchain technology like Ethereum is gaining interest and growing use case among startup and fintechs.
Apart from scalability issues which are going to be solved with new consensus and mining techniques (Ethereum Metropolis and Bitcoin SegWit2x with Lightning network),
privacy on transaction is still an issue which is not yet fully addressed yet. Because of the public nature of a Ethereum, many businesses are reluctant to deploy Smart-contract or Dapps solutions for fear of exposing confidential or sensitive information.
The use of zk SNARKs (zk-SNARK stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”) would essentially solve this dilemma (next EIP improvement of Ethereum called 'Byzantium' include zk SNARKS).
The idea of zk-SNARKs is that they allow verification of the correctness of computations, without a verifier having to execute those computations, or even learn what was actually executed. Using zk-SNARKs, a verifier can confirm that a computation happened correctly, with ‘zero-knowledge’ of the computation.
We propose during this talk to have a brief presentation on cryptography and theory around zero-knowledge proof algorithm.
Then we will try to showcase the benefits of zk-SNARKS and other privacy-preserving techniques (like zcash) on the public blockchain ecosystem.
I spent quite some time to digest how Blockchain works and how it can influence our everyday life in the upcoming decades. My slides focus on that from a non-IT expert point view.
I spent quite some time to digest how Blockchain works and how it can influence our everyday life in the upcoming decades. My slides focus on that from a non-IT expert point of view.
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018Codemotion
Due to the immutability of the ledger and the difficulty to update their consensus rules, Blockchain applications have many critical layers where a bug can cause huge, irreversible fund losses. This talk will shed some light on why and how Blockchain applications are so critical and will discuss past events that led to fund loss or consensus failures due to bugs in critical parts of the code of Bitcoin and Ethereum applications.
Ethereum is the largest decentralized software platform that allows you to build smart contracts and decentralized applications without any downtime and without any third party interference.
VISIT:- http://www.oodlestechnologies.com/online-cryptocurrency-wallet
A Countermeasure for Double Spending Attacks on Blockchain Technology in Smar...IJNSA Journal
As a distributed technology, blockchain has been applied in many fields. Much research has been done on its inherent security issues. Among these security issues, double spending is one of the most pernicious. Current countermeasures are not systematic, they either focus on monitoring or detection with no effective strategy to prevent future double spending. These countermeasures also have serious drawbacks, such as high network traffic, high CPU utilization, and heavy management overhead. In this paper, we present a systematic approach to address double spending attack on smart grid. A reputable node is selected, which constantly compares all transactions in current time window with previously validated block and current block. Upon discovering conflicting transactions, a warning message with the conflicting transaction and two penalty transactions are broadcasted to the network to stop the current attack and to prevent future attacks. Our experiment has demonstrated our design is highly effective to detect double spending, with short detection time and low CPU utilizations.
A Survey: DDOS Attack on Internet of ThingsIJERD Editor
Internet of Things refer as interconnection of smart object, included from small coffee machine to
big car, communicate with each other without human interactions also called as Device to Device
communications. In current emerging world, all of the devices become smarter and can communicate with other
devices as well. With this rapid development of Internet of Things in different area like smart home, smart
hospital etc. it also have to face some difficulty to securing overall privacy due to heterogeneity nature. There
are so many types of vulnerability but here in this paper we put concentration on Distributed Denial of Service
attack (DDoS). DoS is attack which can block the usage for authentic user and make network resource
unavailable, consume bandwidth; if similar attack is penetrated from different sources its call DDoS. To prevent
from such attack it need mechanism that can detect and prevent it from attack, but due to small devices it has
limited power capacity. So that mechanism must be implemented at network entrance. In this paper we discuss
different DDoS attack and its effect on IoT.
Unveiling the Landscape of Smart Contract Vulnerabilities: A Detailed Examina...IJCNCJournal
With the rise in using immature smart contract programming languages to build a decentralized application, more vulnerabilities have been introduced to the Blockchain and were the main reasons behind critical financial losses. Moreover, the immutability of Blockchain technology makes deployed smart contracts unfixable for the whole life of the Blockchain itself. The lack of complete and up-to-date resources that explain those vulnerabilities in detail has also contributed to increasing the number of vulnerabilities in Blockchain. In addition, the lack of a standardized nomination of the existing vulnerabilities has made redundant research and made developers more confused. Therefore, in this paper, we propose the most complete list of smart contract vulnerabilities that exist in the most popular Blockchains with a detailed explanation of each one of them. In addition, we propose a new codification system that facilitates the communication of those vulnerabilities between developers and researchers. This codification, help identify the most uncovered vulnerabilities to focus on in future research. Moreover, the discussed list of vulnerabilities covers multiple Blockchain and could be used for even future built Blockchains.
Unveiling the Landscape of Smart Contract Vulnerabilities: A Detailed Examina...IJCNCJournal
With the rise in using immature smart contract programming languages to build a decentralized application, more vulnerabilities have been introduced to the Blockchain and were the main reasons behind critical financial losses. Moreover, the immutability of Blockchain technology makes deployed smart contracts unfixable for the whole life of the Blockchain itself. The lack of complete and up-to-date resources that explain those vulnerabilities in detail has also contributed to increasing the number of vulnerabilities in Blockchain. In addition, the lack of a standardized nomination of the existing vulnerabilities has made redundant research and made developers more confused. Therefore, in this paper, we propose the most complete list of smart contract vulnerabilities that exist in the most popular Blockchains with a detailed explanation of each one of them. In addition, we propose a new codification system that facilitates the communication of those vulnerabilities between developers and researchers. This codification, help identify the most uncovered vulnerabilities to focus on in future research. Moreover, the discussed list of vulnerabilities covers multiple Blockchain and could be used for even future built Blockchains.
Ethereum Devcon1 Report (summary writing)Tomoaki Sato
Ethereum devcon1 in London, 27th November By Tomoaki Sato I have been to the conference, so I wrote this summary and doing presentation in Japan. The meetup name is "Smart Contract Japan". Some of the presentations are missing, or added.
Please refer these official sources also
Devcon
http://devcon.ethereum.org/
Devcon1 youtube presentations
https://www.youtube.com/user/ethereumproject
Devcon1 slides on reddit
https://www.reddit.com/r/ethereum/comments/3soym7/devcon_1_slides/
Censorship resistance is a requirement for building a safer future with #AI. In the presentation from our meetup in Zug (Jul 2018) we are explaining why it is so and how Pandora Boxchain team develops such technology.
Sing up on the future meetups on http://meetu.ps/e/Fwg7Z/jKDhn/a and #FreeAI!
Every microservice in production must be secured. In order to ensure this, there is a significant additional effort compared to a monolithic system due to the high number of services. If the operation then still takes place in a public cloud, neither the communication within the infrastructure of the cloud provider nor the connection via the Internet may be unencrypted. In addition, corresponding authorization checks must take place in each individual service.
This session shows how easy and effortless it is to implement security measures with a service mesh tool like Istio. With a few small Istio rules, all communication in the service mesh is secured with mutual TLS (mTLS). Basic checks of service-to-service communication and end-user authorization using JWT can also be delegated to Istio. The extended authorization checks within a Java service are illustrated using the MicroProfile specifications.
Similar to DEFCON28_2020_EthereumSecurity_PreventingDDoS_VDF (20)
Blockchain Technology in Banking Services - A ReviewGokul Alex
My session for IIM Bengaluru for the Executive Leaders of Public Sector Banks in India about the principles, paradigms, platforms, protocols and potentials of Blockchain Technology in 2020.
Digital Innovation and Dynamics of Entrepreneurship Gokul Alex
Presentation by Gokul Alex on the Dynamics of Entreprenship and how Digital Innovation powers the journey into business mastery. He has presented this session for the Career Guidance Unit of Sarabhai Institute of Science and Technology, Trivandrum.
Decentralised AI and Distributed Ledgers - An IntroductionGokul Alex
The presentation on Decentralised Machine Intelligence powered by Distributed Ledgers from Gokul Alex in the 3AI Association Thought Leadership Forum Webinar Series. An introduction to Ocean Protocol, Raven Protocol, SingularityNET and reference architectures of decentralised machine intelligence.
R3Corda - Architecture Overview - Concepts and ComponentsGokul Alex
All India Council for Technical Education AICTE India has organised a Short Term Training Program (STTP) on Blockchain Technology for Engineering Educators across India over in this week. It was an exciting event for us in working on the convergence of academia and industry. Thanks to the support from 'The Blockchain Network' (TBN), I could present a couple of protocol and platform deep dive sessions on Hyperledger Fabric and R3 Corda. Please find the compilation of concepts and components that we have discussed on R3 Corda in this session in the attached document. Request your views and comments!
Covid19 ContactTracing - Privacy Preserving Proximity ProtocolsGokul Alex
Presentation Session by Gokul Alex for Tamil Nadu Science Foundation on the Collection of Cryptographic Techniques for COVID-19 Contact Tracing in the framework of Privacy Preserving Proximity Protocols. This is a research report compiled in collaboration with EPIC Knowledge Society, RedTeam Hacker Academy, Beyond Identity, Semiot Protocols, Cyanaura Maps.
Cybersecurity Context in African Continent - Way ForwardGokul Alex
The slides from the presentation session by Gokul Alex on the Enigmatic Economy of Cyber Crimes and Cyber Attacks across the globe with the specific focus on African Continent ravaging countries such as South Africa, Nigeria, Kenya, etc. Cybersecurity issues are looming large and assuming larger significance in the post pandemic political economies. This presentation was delivered to the TAFFD Virtual Conference on Cybersecurity in July 2020 together with Red Team Hacker Academy and BeyondIdentity.
Creative Careers for Post Pandemic TimesGokul Alex
A lecture on the creative careers for the post-pandemic times by Gokul Alex, founder of EPIC Knowledge Society for the Webinar Organised by Teknowledge Edutainers with the focus on understanding the rise of societal technology infrastructure in the pandemic times and foreseeing the emerging trends in technology in the post-pandemic times in areas such as AI, Analytics, Blockchain, Privacy, Geospatial Analytics, Biohacking, Bioinformatics, Drones, Internet of Things, Privacy Preserving Protocols, Robotics etc. This presentation is envisioning a convergent and connected technology infrastructure with the focus of social entrepreneurship and digital health in recent times.
Imagining Intelligent Information Machines for 2020Gokul Alex
A Strategic Roadmap for Artificial Intelligence in Social Sector considering the challenges and constraints of 2020. A survey of global reference case studies, key pillars, maturity models, growth markets, revenue projections, use cases etc.
Blockchain Essentials for Business Leaders - Value Propositions and Advantage...Gokul Alex
This is an Executive Leadership Workshop Program by Gokul Alex on the fundamentals and frontiers of Blockchain which is a transformative technology covering key concepts such as value proposition design, competitive advantage, operating models, value streams, architecture frameworks etc. It is a distillation of essential concepts and emerging frontiers in the world of distributed ledger technologies.
A Concise Introduction to Cryptographic ConceptsGokul Alex
A Concise Introduction to Cryptographic Concepts by Gokul Alex in the ALTERED 2020 Virtual Conference Organised by IEEE Kerala Section in MBCET. This session covers the historic emergence of cryptographic schemes such as Ceaser Cipher, Substitution Cipher, Transposition Cipher, Vigenre Cipher, Vernam Cipher, One Time Pad, RSA, Diffie Hellman, Elliptic Curves, Hash Algorithms etc.
Applying Blockchain Technology for Digital TransformationGokul Alex
My virtual webinar session on applying Blockchain Technology for Digital Transformation of Contemporary Business Models in the UL Talks Series organised by ULTS, the IT Subsidiary of ULCCS. This presentation is a journey through the basic concepts of Blockchain Technology and a compilation of interesting business cases around Blockchain Technology.
Cognitive Commerce powered by Creative Convergence of AI, Analytics and Autom...Gokul Alex
Key Note Address by Gokul Alex in the Estuary 2020 Event organised by Indian Maritime University in Chennai on the theme of E-Commerce and Digital Technologies.
Decentralised AI through Distributed Ledger Technologies Gokul Alex
My seminar lecture session on Decentralised AI through Distributed Ledger Technologies in the second National Seminar on Machine Intelligence organised by University of Kerala, Department of Computer Science on 24th January 2020. I have covered the foundations of distributed ledger technologies, decentralisation roadmap, decentralised AI and decentralised data exchanges in this session.
Cloud Security Engineering - Tools and TechniquesGokul Alex
Cloud Security Engineering Education Materials prepared by Gokul Alex. It covers the essential tools and techniques to protect cloud enterprise architectures and cloud information systems.
Quantum Computing - A History in the Making Gokul Alex
Please find my key note lecture on Quantum Computing presented at the RedTeam Security Summit 2019 in North Kerala at Malabar in Calicut City. This session is a survey on the history of Quantum Computing from early 1960's to the recent Quantum Supremacy experiment done by Google along with University of Santa Barbara. It captures the history from conjugate coding to sycamore processor succinctly. It also captures the essence of post quantum cryptography and quantum algorithms.
Cloud Security - Emerging Facets and FrontiersGokul Alex
My session on Cloud Computing Security prepared for ISC2 Bangalore Chapter MeetUp. It is a walkthrough on the fundamental axioms of cloud security with reference to architecture standards, industry best practices and a coverage of some of the most pertinent attack vectors in the recent times. This presentation delves deeper into Cloud Security Reference Architectures, Cloud Security Operating Models, Cloud Firewalls, Cloud Identity Access Management Models, Cloud Malware Concepts etc.
Introduction to Blockchain Business ModelsGokul Alex
From my presentation on Blockchain Business Models delivered at World Trade Centre, Bengaluru. This session was a deep dive on Business Modelling Techniques and their relevance to Blockchain Projects and Platforms. Business Model Canvas is tailor made for various blockchain engagements. I have compiled a collection of 20 business models around blockchain in this deck.
Introduction to Blockchain Governance ModelsGokul Alex
The presentation on the history and emergence of distributed consensus and the contemporary aspects of Blockchain Governance presented for the Global FinTech and Blockchain Forum organised by Pyramid Learning Platforms.
Generational Adversarial Neural Networks - Essential ReferenceGokul Alex
My presentation on Generational Adversarial Neural Networks and the Challenges of Adversarial Learning Conditions in Neural Networks presented during the National Symposium on Machine Intelligence organised by Kerala University in 2017 in Thiruvananthapuram.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
11. Invalid blocks on Parity Client
Some Parity Ethereum nodes lost sync with the network because of the following
incident - you send to a Parity node a block with invalid transactions, but valid
header (borrowed from another block). The node will mark the block header as
invalid and ban this block header forever but the header is still valid.
12. Vulnerability in Parity Nodes
In May, global hacking research collective SRLabs claimed that only two-thirds of
the Ethereum client software that ran on Ethereum nodes had been patched
against a critical security flaw discovered earlier this year. The data reportedly
indicated that unpatched Parity nodes comprised 15% of all scanned nodes —
implying that 15% of all Ethereum nodes were vulnerable to a potential 51% attack.
13. Underpriced DDoS attacks - EXTCODESIZE
Underpriced opcode vulnerability is due to the improper gas cost of EVM’s
EXTCODESIZE opcode.
Prior to the EIP 150 hard fork, the EXTCODESIZE opcode only charged 20 gas for
reading a contract bytecode from disk and then deriving its length.
As a consequence, the attacker can repeatedly send transactions to invoke a
deployed smart contract with many EXTCODESIZE opcodes to cause a 2 - 3x
slower block creation rate
Paper - A Survey on Ethereum Systems Security: Vulnerabilities, Attacks and Defenses by Huashan Chen, Marcus Pendleton,
Laurent Njilla, and Shouhuai Xu
14. Underpriced DDoS attacks - SUICIDE
This attack exploited the improper gas cost of EVM’s SUICIDE opcode(renamed to
SELFDESTRUCT after EIP6) and the empty account in the State trie Vulnerability.
Th opcode is meant to remove a deployed smart contract and send the remaining ether to the
account designated by the caller. When the target doesn't exist a new account is created
even though no Ether may be transferred.
The attacker created 19 million new empty accounts via this opcode at low gas consumption,
which wasted disk space and increased synchronisation and processing time
Paper - A Survey on Ethereum Systems Security: Vulnerabilities, Attacks and Defenses by Huashan Chen, Marcus Pendleton,
Laurent Njilla, and Shouhuai Xu
15. Dead Accounts and Bloating State Database
Certain transactions taking long time to process
These transactions happened between blocks 2,286,910 and 2,717,576.
Somebody took advantage of an underpriced opcode
Creating millions of dead Ethereum accounts
This had the effect of bloating the state database.
It created tons of transaction traces.
16. Impact of DDoS attacks
Hacks against Geth client
Hacks create huge amount of clean up transactions
Each clean up transaction creates large set of traces
Hard forks
Hard forks do not remove the dead accounts
17. Quick fixes to the DDoS
Scanning an initial set of transactions
Measuring the traces from each transaction
Checking the frequency of traces in the transactions
19. Proof of Stake vs Proof of Work
incentive to DDoS others is much higher in POW compared to POS (or specifically
Casper). The reasons is that POW is a zero sum game where other miners gain the
reward if some miners can not submit a block.
Casper in contrast is designed as a coordination game where every participant gets
most if all others can include their blocks.
Better security against 51% attacks -High level goal of PoS is to ensure that each
stakeholder chance of mining the next block is proportional to the number of coins they
control.
20. Attack against Proof of Stake
● xx% attack
● Fake Stake Attack
● Long Range Attack
● Nothing at Stake
● Sour Milk Attack
Credit - Infosecinstitute.com
27. Possible DDoS Attack Vectors
DDoS attack through creating a mapping between public keys and validators’ IPs
DDoS attack on Insecure gRPC connection
( Reported by Quantum Stamp Audit on Prysm )
https://github.com/prysmaticlabs/prysm/issues/6327
28. QuantStamp Audit
Quantstamp’s audit of Prysmatic Labs ETH 2.0 client involved ten engineers who
examined the entire codebase over the course of two months.
They examined the beacon node logic, validator client, slasher logic, libp2p
networking layer, gRPC API, client database, account management and key
storage, client synchronization, and more.
29. QuantStamp Audit Findings
Vulnerabilities found by Quantstamp engineers and addressed by Prysmatic Labs
included:
● Granularity of timestamps
● Pseudo-random number generation
● Second preimage attacks on Merkle trees
31. Audit findings on the Block Proposer System
Single Secret Leader Election (SSLE) keeps the selection secret and stops the leak
of information to an observer, while still allowing the chosen block proposer a fast
way to verify to others that it is, in fact, the proposer.
With the information leak patched, the block proposer remains as protected as it
would be in PoW chains, but without the computational overhead.
https://leastauthority.wpengine.com/static/publications/LeastAuthority-Ethereum-2.
0-Specifications-Audit-Report.pdf
32. Audit Findings on the Gossip Protocol
Gossip protocols generally suffer from the spam problem; without a centralized
judge, it can be difficult to understand whether a message is legitimate or is spam
that is meant to clog the network.
This was one of the primary concerns in examining the networking layer. In
Ethereum 2.0, when a node proposes a new finalized block, the block must be sent
to the rest of the network.
There is an issue when a dishonest node is capable of sending an unlimited
amount of older block messages to the rest of the network with minimal penalty,
allowing them to overwhelm the network and block legitimate messages.
33. Audit Findings on the Slashing Messages
Similarly, when a node violates the rules, other nodes send out slashing messages
to notify the rest of the network about who to penalize.
There is a a small loophole that allowed a node to send an unlimited amount of
these types of messages with minimal penalty, causing the same message blocking
if they sent enough of them.
https://leastauthority.com/blog/ethereum-2-0-specifications/
35. Teku Attack Scenario
Two of four Teku nodes were targeted by five ordinary machines with a sustained
DoS attack.
Initial loss of finality was achieved with two or three machines, but the others joined
within a few epochs to ensure that the network could not recover.
https://github.com/ethereum/public-attacknets/issues/7#issuecomment-665966067
36. Teku Attack Implementation
> while true; do cat /dev/zero | pv -L 1M |nc XXX.XXX.XXX.XXX 9000 >/dev/null; done
https://github.com/ethereum/public-attacknets/issues/7#issuecomment-665966067
37. Impact of Teku Attack
The effect that the DoS attack had on the attacknet was a prolonged loss finality and
required manual intervention to restore the network to a healthy state once the attack
stopped.
The nodes under attack used large amounts of memory, were subject to multiple
container restarts, had trouble staying connected to peers and one node's local clock
was 20 mins slow.
https://github.com/ethereum/public-attacknets/issues/7#issuecomment-665966067
38. Teku Attack - Root Cause
Firstly responding to one byte with multiple bytes is a vector for various
amplification attacks but that wasn't the issue that caused the loss of finality.
The second issue is that the responses were being written faster than they were
read by the attacking peer and jvm-libp2p was not applying any throttling.
Eventually TCP back pressure kicked in, filling up the OS write buffers and the
responses wound up being queued in user space memory. This pushed up both
the on and off heap memory usage very substantially.
CPU also spiked significantly partly due to processing all those multi stream
"messages" but mostly because of the resultant memory pressure and GC activity.
39. Teku Attack - Solution
Preventing this specific attack is straight forward, disconnect the peer immediately when
an invalid (e.g. 0 length) multi stream message is received.
Resilience to DOS attacks increases significantly as you increase the number of nodes
and diversity of clients, locations and network connections
https://github.com/ethereum/public-attacknets/issues/7#issuecomment-665966067
41. Sharding, Staking and Randomness
Almost all sharding designs today rely on some source of randomness to assign
validators to shards. Both the randomness and the validators assignment require
computation that is not specific to any particular shard.
For that computation, existing sharding designs have a separate blockchain that is
tasked with performing operations necessary for the maintenance of the entire
network.
42. Sharding, Staking and Randomness
Besides generating random numbers and assigning validators to the shards, these
operations often also include receiving updates from shards and taking snapshots of
them, processing stakes and slashing in Proof-of-Stake systems, and rebalancing shards
when that feature is supported.
Such chain is called a Beacon chain in Ethereum and Near, a Relay chain in PolkaDot,
and the Cosmos Hub in Cosmos.
43. Distributed Randomness on Blockchain
Many modern blockchain protocols rely on a source of randomness for selecting
participants that carry out certain actions in the protocol.
If a malicious actor can influence such source of randomness, they can increase
their chances of being selected, and possibly compromise the security of the
protocol.
Distributed randomness is also a crucial building block for many distributed
applications built on the blockchain.
44. Essential Properties of Randomness
Three essential properties for distributed randomness on-chain :
1. It needs to be unbiased. In other words, no participant shall be able to
influence in any way the outcome of the random generator.
2. It needs to be unpredictable. In other words, no participant shall be able to
predict what number will be generated (or reason about any properties of it)
before it is generated.
3. The protocol needs to tolerate some percentage of actors that go offline or try
to intentionally stall the protocol.
45. RANDAO approach
The general idea is that the participants of the network first all privately choose a
pseudo-random number, submit a commitment to such privately chosen number.
All agree on some set of commitments using some consensus algorithm, then all
reveal their chosen numbers, reach a consensus on the revealed numbers, and
have the XOR of the revealed numbers to be the output of the protocol.
46. Limitations of the RANDAO approach
It is unpredictable, and has the same liveness as the underlying consensus
protocol, but is biasable.
Specifically, a malicious actor can observe the network once others start to reveal
their numbers, and choose to reveal or not to reveal their number based on XOR of
the numbers observed so far.
This allows a single malicious actor to have one bit of influence on the output, and
a malicious actor controlling multiple participants have as many bits of influence as
the number of participants they are controlling.
47. RANDAO + VDF Approach
To make RANDAO, un-biasable, one approach would be to make the output not just
XOR, but something that takes more time to execute than the allocated time to
reveal the numbers.
If the computation of the final output takes longer than the reveal phase, the
malicious actor cannot predict the effect of them revealing or not revealing their
number, and thus cannot influence the result.
Such a function that takes a long time to compute, is fast to verify the computation,
and has a unique output for each input is called a verifiable delay function (VDF for
short) and it turns out that designing one is extremely complex.
48. Ethereum Perspective on RANDAO + VDF
Ethereum presently plans to use RANDAO with VDF as their randomness beacon.
Besides the fact that this approach is unpredictable and unbiasable, it has an extra
advantage that is has liveness even if only two participants are online (assuming
the underlying consensus protocol has liveness with so few participants).
For the family of VDFs linked above a specialized ASIC can be 100+ times faster
than conventional hardware. Thus, if the reveal phase lasts 10 seconds, the VDF
computed on such an ASIC must take longer than 100 seconds to have 10x safety
margin, and thus the same VDF computed on the conventional hardware needs to
take 100 x 100 seconds = ~3 hours.
49. Threshold Signatures
This approach is pioneered by DFNITY, is to use threshold BLS signatures.
Boneh–Lynn–Shacham (BLS) signature scheme allows a user to verify that a signer
is authentic. The scheme uses a bilinear pairing for verification, and signatures are
elements of an elliptic curve group.
BLS signatures is a construction that allows multiple parties to create a single
signature on a message, which is often used to save space and bandwidth by not
requiring sending around multiple signatures. A common usage for BLS signatures
in blockchains is signing blocks in BFT protocols.
50. Threshold Signatures in Practice
Say 100 participants create blocks, and a block is considered final if 67 of them sign
on it. They can all submit their parts of the BLS signatures, and then use some
consensus algorithm to agree on 67 of them and then aggregate them into a single
BLS signature.
Any 67 parts can be used to create an accumulated signature, however the
resulting signature will not be the same depending on what 67 signatures were
aggregated.
51. Threshold Signatures in Practice
Turns out that if the private keys that the participants use are generated in a
particular fashion, then no matter what 67 (or more, but not less) signatures are
aggregated, the resulting multisignature will be the same. This can be used as a
source of randomness:
The participants first agree on some message that they will sign (it could be an
output of RANDAO, or just the hash of the last block, doesn’t really matter for as
long as it is different every time and is agreed upon), and create a multisignature on
it. Until
52. Limitations of Threshold Signatures
This approach to randomness is completely unbiased and unpredictable, and is live
for as long as 2/3 of participants are online (though can be configured for any
threshold). While ⅓ offline or misbehaving participants can stall the algorithm, it
takes at least ⅔ participants to cooperate to influence the output.
The private keys for this scheme need to be generated in a particular fashion. The
procedure for the key generation, called Distributed Key Generation, or DKG for
short, is extremely complex and is an area of active research.
53. RandShare approach
RandShare is an unbiased and unpredictable protocol that can tolerate up to ⅓ of
the actors being malicious.
It is relatively slow, and the paper linked also describes two ways to speed it up,
called RandHound and RandHerd, but unlike RandShare itself, RandHound and
RandHerd are relatively complex.
The general problems with RandShare besides the large number of messages
exchanged (the participants together will exchange O(n^3) messages), is the fact
that while ⅓ is a meaningful threshold for liveness in practice, it is low for the ability
to influence the output. There are several reasons for it:
54. RandShare approach
1. The benefit from influencing the output can significantly outweigh the benefit
of stalling randomness.
2. If a participant controls more than ⅓ of participants in RandShare and uses this
to influence the output, it leaves no trace. Thus a malicious actor can do it
without ever being revealed. Stalling a consensus is naturally visible.
3. The situations in which someone controls ⅓ of hashpower / stake are not
impossible, and given (1) and (2) above someone having such control is unlikely
to attempt to stall the randomness, but can and likely will attempt to influence
it.
55. NEAR protocol approach
1. Each participant comes up with their part of the output, splits it into 67 parts,
erasure codes it to obtain 100 shares such that any 67 are enough to
reconstruct the output,
2. Assigns each of the 100 shares to one of the participants and encodes it with
the public key of such participant. They then share all the encoded shares.
3. The participants use some consensus (e.g. Tendermint) to agree on such
encoded sets from exactly 67 participants.
56. NEAR protocol approach
1. Once the consensus is reached, each participant takes the encoded shares in
each of the 67 sets published this way that is encoded with their public key,
then decodes all such shares and publishes all such decoded shares at once.
2. Once at least 67 participants did the previous step, all the agreed upon sets
can be fully decoded and reconstructed, and the final number can be obtained
as an XOR of the initial parts the participants came up with in (1).
3. The idea why this protocol is unbiasable and unpredictable is similar to that of
RandShare and threshold signatures: the final output is decided once the
consensus is reached, but is not known to anyone until ⅔ of the participants
decrypt shares encrypted with their public key.
58. Anatomy of a VDF
A VDF consists of a triple of algorithms: Setup, Eval, and Verify.
Setup (λ, t) takes a security parameter λ and delay parameter t and outputs public
parameters pp (which fix the domain and range of the VDF and may include other
information necessary to compute or verify it).
Eval (pp, x) takes an input (x) from the domain and outputs a value (y) in the range
and (optionally) a short proof π.
Finally, Verify (pp, x, y, π) efficiently verifies that y is the correct output on x.
Crucially, for every input x there should be a unique output y that will verify.
59. Historic references to VDF for DDoS prevention
To prevent email spamming, in the early 1990s, Cynthia Dwork and Moni Naor
suggested using squaring roots over finite fields puzzles as functions which take a
predetermined time to compute, and are straightforward to verify.
However, their work was considered impractical because one has to use rather
large finite fields to make the algorithm useful, and the libraries for handling
multiple precision arithmetic at the time of the suggestion of the algorithm were
orders of magnitude slower than current ones.
60. Essential Properties of VDF
Sequential: honest parties can compute (y,π) ← Eval(pp,x) in (t) sequential steps,
while no parallel-machine adversary with a polynomial number of processors can
distinguish the output y from random in significantly fewer steps.
Efficiently verifiable: We prefer Verify to be as fast as possible for honest parties to
compute; we require it to take total time - O(polylog(t)).
Unique: for all inputs x, it is difficulty to find a y for which
Verify (pp,x,y,π) = Yes, but y ∕ = Eval(pp, x).
61. Additional Properties of VDF
Decodable - A VDF is decodable if there exists a decoding algorithm Dec such that
(Eval,Dec) form a lossless encoding scheme.
Incremental - A single set of public parameters (pp) supports multiple hardness
parameters (t). The number of steps used to compute (y) is specified in the proof,
instead of being fixed during Setup.
The main benefit of incremental VDFs over a simple chaining of VDFs to increase
the delay is a reduced aggregate proof size.
This is particularly useful for applications of VDFs to computational time-stamping
or blockchain consensus.
62. Main VDF Constructions
There are currently three candidate constructions that satisfy the VDF requirements.
Each one has its own potential downsides.
The first was outlined in the original VDF paper by Boneh, et al. and uses injective
rational maps. However, evaluating this VDF requires a somewhat large amount of
parallel processing, leading the authors to refer to it as a “weak VDF.”
Later, Pietrzak and Wesolowski independently arrived at extremely similar constructions
based on repeated squaring in groups of unknown order.
These constructions are based on modular exponentiations, where Pietrzak and
Wesolowski suggest to iteratively compute τ squarings in an RSA group, with τ large.
63. Innovations in VDF
The main innovation in VDF is to propose a setup phase to set a trusted
environment allowing the functions to be universally verifiable.
This trusted environment sets the public parameters of the VDF, including its
difficulty which determines the amount of time spent on computing.
Any node who needs to solve the VDF will use the public parameters to perform
certain sequential computations.
Some VDFs also allow generating a proof to facilitate the verification from the other
participants.
65. IOTA Approach
A DoS prevention mechanism where nodes are required to compute exactly τ
modular squarings of a given input message
Calibrating the VDF evaluation time on different hardware and optimising the time
needed to verify the correctness of the puzzle through multi-exponentiation
techniques
Extensive experimental evaluations to compare VDFs and PoW on different
hardware. In particular show that larger monetary resources cannot help to speed
up the VDF evaluation
https://arxiv.org/pdf/2006.01977.pdf
66. IOTA DoS Prevention Mechanism
● Evaluation - When node i decides to generate transaction n, it is required to
solve a VDF such that its input is the hash of transaction n − 1 issued by the
same node.
● Proof - Node i also generates a proof to facilitate the verification task, which
gossips along with the transaction.
● Verification - When a new transaction is received, node j verifies whether the
VDF has been solved correctly. If yes, it forwards the transaction (and the
proof) to its neighbors, or discards it otherwise.
https://arxiv.org/pdf/2006.01977.pdf
68. Public Inputs
● VDF Difficulty - A difficulty which indicates the number of sequential operations
to solve and can be updated accordingly to mitigate attacks
● RSA Module - A modulus N = p · q which has bit-length λ (typically 1024, 2048,
or 3072), and is the product of two prime numbers of the same order. The
security of the entire mechanism relies on the length of N: the longer is the
modulus, the more difficult is to find its factorization
● Cryptographic hash function - A hash function that will be used in the
evaluation and proof of VDF
https://arxiv.org/pdf/2006.01977.pdf
70. Our Architecture Overview
Supersingular Isogeny based VDFs
VDF based single secret leader selection
VDF based Random Oracles
VDF based delay authentication to the RANDAO
Randomness ( Randshare and Randhound) powered beacon chain
71. Solution Architecture Framework for our approach
Random
Oracles
Random
Oracles
Isogeny based VDF Generator
Random
Oracles
Beacon Chain with Secret Leader Self Selection and Delay Authentication
Random
Oracles
Random
Oracles
Random
Oracles
Main Chain with RANDAO based Validator Network and One Time Signature
Shard Chains with RandHound and RandShare with Proximity Verification
72. TemerNet - Our Proof of Concept for Random Oracle
https://github.com/EPICKnowledgeSociety/TemereNet
pragma solidity ^0.5.2;
import "github.com/starkware-libs/veedo/blob/master/contracts/BeaconContract.sol";
contract Beacon{
function getLatestRandomness()external view returns(uint256,bytes32){}
}
contract WeatherOracle {
address public oracleAddress;
address public BeaconContractAddress=0x79474439753C7c70011C3b00e06e559378bAD040;
constructor (address _oracleAddress) public {
oracleAddress = _oracleAddress;
}
73. TemerNet - Our Proof of Concept for Random Oracle
https://github.com/EPICKnowledgeSociety/TemereNet
function setBeaconContractAddress(address _address) public {
BeaconContractAddress=_address;
}
function generateRandomNumber() public view returns(bytes32){
uint blockNumber;
bytes32 randomNumber;
Beacon beacon=Beacon(BeaconContractAddress);
(blockNumber,randomNumber)=beacon.getLatestRandomness();
return randomNumber;
}
74. Single Secret Leader Election (SSLE)
In a Single Secret Leader Election (SSLE), a group of participants aim to randomly
choose exactly one leader from the group with the restriction that the identity of the
leader will be known to the chosen leader and nobody else.
At a later time, the elected leader should be able to publicly reveal her identity and
prove that she has won the election. The election process itself should work
properly even if many registered users are passive and do not send any messages.
Among the many applications of SSLEs, their potential for enabling more efficient
proof-of-stake based cryptocurrencies have recently received increased attention.
https://eprint.iacr.org/2020/025.pdf
75. Node Topology in Shard Chain using VDF
Every node is connected to m << n neighbours and is involved in the generation
and the verification of transactions, which simply carry proof carrying data (PCD).
It is important to limit the shard creation as a node could theoretically generate an
infinite number of transactions per second, without an appropriate access control
mechanism.
Every node has to evaluate a function (f) before issuing a transaction.
76. Isogeny based VDF
If we have two elliptic curves (E1 and E2), we can create a function that maps point (P) on
E1 to a point Q on E2. This function is known as an isogeny. If we can map this function,
every point on E1 can then be mapped to E2.
Our secret key is then the isogeny, and the public key is the elliptic curve that we are
using. With isogenous elliptic curves we thus do not deal with a single elliptic curve but a
family of them.
http://blog.intothesymmetry.com/2019/07/on-isogenies-verifiable-delay-functions.html
77.
78.
79. Construction of an Isogeny based VDF
Setup: the setup phase of this VDF consists of
Choosing a prime number N
Selecting a supersingular curve E
Performing a random non-backtracking walk of length T having as outcome the
isogeny ϕ and it's dual ϕ^ (every isogeny has a dual isogeny).
Choosing a point P and compute ϕ(P)
Output ϕ^,E,E′,P,ϕ(P)
80.
81. Evaluation and Verification of an Isogeny based VDF
Evaluation :
Receiving a random point Q > Compute ϕ^(Q)
Verification :
Use the Weil pairing and isogenies to verify eN(P,ϕ^(Q)) = eN(ϕ(P),Q)
http://blog.intothesymmetry.com/2019/07/on-isogenies-verifiable-delay-functions.html
82. Our Roadmap
● Implementation of Isogeny VDF Key Exchange using PQCrypto-SIDH
○ https://github.com/microsoft/PQCrypto-SIDH
● Implementation of Isogeny VDF Authentication using SS Isogeny
○ https://github.com/defeo/ss-isogeny-software
● Implementation of Single Secret Leader Selection using Mathcrypto
○ https://github.com/mathcrypto/SSLES
● Deployment of our Isogeny VDF with RANDAO
○ https://github.com/randao/randao
84. What would be a trivial VDF ?
A trivial delay function can be built by iterating a cryptographic hash function. For
example, it is reasonable to assume it is infeasible to compute 240 iterations of
SHA-256 in a matter of seconds, even using specialized hardware.
However, a lottery participant wishing to verify the output of this delay function
must repeat the computation in its entirety (which might take many hours on a
personal computer).
Ideally, we would like to design a delay function which any observer can quickly
verify was computed correctly.
85. VDF and PoW
VDFs are functions that require a preset number of iterations to complete.
Unlike PoW, in VDFs there is no trivial way to verify whether a node has correctly
solved
While VDFs and Proof of Work (PoW) both aim the evaluator to spend some time to
compute a puzzle, the former is mainly based on sequentially computing a function
(iterative squaring in RSA groups or points addition in elliptic curves, which cannot
be parallelized, making specialized hardware not able to substantially speed up the
puzzle computation.
86. VRF and VDF
VRF is secure after selection, i.e. needs checking. RANDAO and RANDAO + VDF
are secure ahead of time. You know the number will be random without checking.
In Ethereum, where there will potentially be hundreds of thousands of people
validating, it would be incredibly difficult to check all the VRF rolls, but with VDF
there's only one thing to check against the incoming blocks.
So VRF, you get blocks, then check them along with the proof submitted by the
validator. With VDF, blocks get checked against the random roll that's common for
everyone. Additional proof per block not needed.
87. Pietrzak VDF Scheme
To set up the VDF, choose a time parameter T, a finite abelian group G of unknown
order, and a hash function H from bytes to elements of G.
Given an input x, let g = H(x) evaluate the VDF by computing y = g2T
88. IOTA Approach
Evaluator node uses its last transaction as the input for the new VDF
Verifier node receives the transaction and proof from the node
Verifier node verifies the correctness of the VDF
89. Weslowski Construction in IOTA
The Wesolowski scheme assumes the existence of groups that satisfy something
called the adaptive root assumption, which is not well studied in the mathematical
literature.
90. IOTA Approach Best Practices
Each time a node decides to issue a transaction, it has to evaluate a VDF. The
evaluation takes as an input a binary message m ∈ {0,1}∗, which we enforce to be
the previous transaction issued by the same node.
In this way, the protocol ensures the sequentiality of the VDFs evaluations because
a node has to wait for a VDF to complete before starting a new evaluation.
In other terms, it is not possible to evaluate several VDFs in parallel to overcome
node’s allowed throughput.
91.
92. What could happen in a DDoS
During DDoS, the website is flooded with queries executed by a distributed network of
malware-infected computers (botnet). Eventually, the servers run out of resources.
DDoS attacks could be a a smokescreen, scammers try to execute even more dangerous
security breaches —
for example, to access the control panel of the website through an attack on the site
administrator, or to mass mail a link containing an attack vector to the stakeholders.
94. Volume based attacks
happen when the number
of queries is so high that it
saturates the bandwidth
of the attacked site and
drains the network
capacity.
95. HTTP flood is main load is
on the app server. Here it is
crucial to separate bots
from real users: installing
cookies, javascript or flash
flags, captcha.
99. Ironic position of EXTCODESIZE
The first sign of trouble was when geth nodes started to crash in the network due
to lack of memory on a specific block. The postmortem showed that the underlying
problem involved Ethereum’s EXTCODESIZE attribute, which is included in each
transaction by design. This results in much slower transaction confirmations. The
net result of the Ethereum DDoS attack was a reduction in the rate of block creation
by a factor of two or three.
100. Ironic position of EXTCODESIZE
This is due to the EXTCODESIZE opcode, which has a fairly low gasprice but which
requires nodes to read state information from disk; the attack transactions are
calling this opcode roughly 50,000 times per block. The consequence of this is that
the network is greatly slowing down, but there is NO consensus failure or memory
overload. An attacker could use this attribute to ask for additional checks against
the Ethereum network database — up to 50,000 at a time.