Publications-Theses

Article View/Open

Publication Export

Google ScholarTM

NCCU Library

Citation Infomation

Related Publications in TAIR

題名 以密碼學技術強化企業區塊鏈平台Quorum的交易安全性
Enhancing transaction security of enterprise blockchain platform Quorum with cryptography
作者 賴晨和
Lai, Chen-He
貢獻者 陳恭
Chen, Kung
賴晨和
Lai, Chen-He
關鍵詞 區塊鏈
同態加密
零知識證明
隱私強化技術
Blockchain
Quorum
Homomorphic encryption
Zero-knowledge proof
Privacy enhancing technology
日期 2020
上傳時間 3-Aug-2020 17:59:11 (UTC+8)
摘要 分散式帳簿技術(Distributed Ledger Technology, DLT)為區塊鏈重要的技術之一,具有去中介化與無法竄改資料等特性,且交易確認即近乎即時完成清算,有助於提供多方之間的非中心化交易系統架構。
但是對於民間企業,甚或是政府機構而言,區塊鏈技術的使用必須符合某種程度的管控與監理,以及隱私要求。所以近年來陸續有一些企業級的區塊鏈平台出現,針對這些需求提供特殊功能。本研究所使用的企業區塊鏈平台Quorum雖然有提供私有交易功能,可提供保障隱私的私有交易功能,但私有交易卻可能帶來私有帳本的分歧和不易監管等缺點。
本研究旨在探討使用密碼學技術增強企業區塊鏈交易安全之可行性技術研究,提出的方案核心構想是「交易內容可隱藏,但交易結果必須可公開檢驗」,技術上透過「公私混合式合約的軟體框架」搭配密碼學方法來實現的軟體架構。
此外本研究也對於使用公私合約交易架構產生的問題(deadlock、starvation等)討論了一些可能的解決方式,並提出了一些改善交易吞吐量的方式,期能提供企業未來導入區塊鏈技術時的參考。
Blockchain has the characteristics of decentralization and tamper resistance, and transaction confirmation is almost immediate, which helps to provide decentralized transaction system architecture among multiple parties.
However, for enterprises or governments, the use of blockchain must meet a certain degree of management and supervisory requirements. Thus, there are several enterprise blockchain platforms emerged in the past few years, including Quorum, an Ethereum based enterprise blockchain. Although the Quorum platform provides private transactions to protect the privacy of trading parties, it may still cause transaction security issues such as inconsistent private states and supervision challenges.
This research aims to discuss the feasibility of using cryptography technology to enhance the transaction security of blockchain. The core concept scheme we proposed is "the transaction content can be hidden, but the transaction result must be publicly verifiable". Technically, the proposed "public-private hybrid contract software framework" with cryptographic methods can lay a foundation for developing the software architecture with enhanced transaction security.
In addition, this research also discusses some possible solutions to the problems arising from the use of public-private hybrid contract architecture, such as deadlock and starvation, and proposes some solution to improve transaction efficiency. We believe that our results have, to a certain degree, addressed the concerns of enterprises when adopting blockchain technology.
參考文獻 壹、中文部分
田皓允(2017)。基於區塊鏈與智能合約 應用系統設計 以群眾外包資訊系統為例。碩士論文,國立高雄應用科技大學,資訊管理研究所碩士班。
林久弘(2017)。以太坊智能合約安全之研究。碩士論文,國立中興大學,資訊管理學系所。
林修平(2017)。半中心化的區塊鏈智能合約:以太坊區塊鏈上的中心化驗證及鏈下計算的智能合約。碩士論文,國立臺灣大學,資訊工程學研究所。
徐粲翔(2017)。Gcoin 智能合約架構。碩士論文,國立臺灣大學,資訊網路與多媒體研究所。
陳奕安(2017)。利用區塊鏈智慧合約整合物聯網異質網路。碩士論文,國立臺灣科技大學,資訊管理系。
曾佩汶(2017)。應用區塊鏈技術與智能合約實現產品供應鏈溯源軟體模組之開發。碩士論文,國立高雄應用科技大學,電機工程系博碩士班。
鄭敬儒(2018)。基於行為驅動開發製程的區塊鏈智能合約整合測試。碩士論文,國立政治大學,資訊科學系。
蕭人和(2017)。利用智能合約實現分散式電子投票與電子投標系統。碩士論文,國立政治大學,資訊科學學系。
貳、英文部分
(Corda) R3 Corda, from: https://github.com/corda/corda
(Hyperledger) Hyperledger Fabric v1.0 Deep Dive, from: https://goo.gl/V8jPfH
(Quorum) J.P. Morgan Quorum, from: https://github.com/jpmorganchase/quorum
Arati Baliga, Subhod I, Pandurang Kamat and Siddhartha Chatterjee(Baliga et. al., 2018), Performance Evaluation of the Quorum Blockchain Platform, https://arxiv.org/pdf/1809.03421.pdf
Atzei, N., Bartoletti, M., Cimoli, T. (Atzei et al. 2017), A survey of attacks on Ethereum smart con- tracts (SoK). In: Proceedings of the 6th International Conference on Principles of Security and Trust (POST). pp. 164–186. Springer (April 2017)
Christian Cachin, Simon Schubert, Marko Vukolić (Cachin 2016), Non-Determinism in Byzantine Fault-Tolerant Replication, 20th International Conference on Principles of Distributed Systems (OPODIS 2016).
Chun-Feng Liao, Ching-Ju Cheng, Kung Chen, Chen-Ho Lai, Tien Chiu, and Chi Wu-Lee (Liao et al. 2017). Toward a Service Platform for Developing Smart Contracts on Blockchain in BDD and TDD styles. IEEE International Conference on Service-Oriented Computing & Applications (IEEE SOCA), Nov. 2017, Kanazawa, Japan. MOST 106-2221-E-004-003.
Chun-Feng Liao, Sheng-Wen Bao, Ching-Ju Cheng, and Kung Chen (Liao et al. ICCE, 2017). On Design Issues and Architectural Styles for Blockchain-driven IoT Services. IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS - TAIWAN (IEEE ICCE-Taiwan 2017), Taipei, Taiwan.
Chun-Wei Chen, Jian-Wei Su, Tung-Wei Kuo, and Kung Chen, (Chen et al. 2018), MSig-BFT: A Witness-Based Consensus Algorithm for Private Blockchains, The 2nd IEEE International Workshop on Blockchain Technologies and Systems (IEEE ICPADS-BCTS), 2018, 最佳論文獎
Eiichiro Fujisaki and Tatsuaki Okamoto (Fujisaki and Okamoto, 1997). Statistical zero knowledge protocols to prove modular polynomial relations. In Annual International, Cryptology Conference, pages 16–30. Springer, 1997.
Eli Ben Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza. (Sasson et. al., 2014) Zerocash: Decentralized anonymous payments from bitcoin. In 2014 IEEE Symposium on Security and Privacy (SP), pages 459–474. IEEE, 2014.
Kun Peng (Peng 2011). A general, flexible and efficient proof of inclusion and exclusion. In Cryptographers’ Track at the RSA Conference, pages 33– 48. Springer, 2011.
Kun Peng and Feng Bao (Peng and Bao, 2010). An efficient range proof scheme. In Social Computing (SocialCom), 2010 IEEE Second International Conference on, pages 826–833. IEEE, 2010.
Kun Peng and Feng Bao (Peng and Bao, 2010). Batch range proof for practical small ranges. In International Conference on Cryptology in Africa, pages 114–130. Springer, 2010.
Kun Peng and Li Yi (Peng and Yi, 2013). Studying a range proof technique—exception and optimisation. In International Conference on Cryptology in Africa, pages 328–341. Springer, 2013.
Kun Peng, Colin Boyd, and Ed Dawson (Kun et. al., 2007) Batch zero-knowledge proof and verification and its applications. ACM Transactions on Information and System Security (TISSEC), 10(2):6, 2007.
Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A. (Luu et al. 2016), Making smart contracts smarter. In: Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security (CCS). pp. 254–269. ACM (October 2016)
Monetary Authority of Singapore (Ubin 2, 2017), Project Ubin Phase 2: Re-imagine Interbank Real-Time Gross Settlement using Distributed Ledger Technology, Nov. 2017. https://www.mas.gov.sg/-/media/MAS/ProjectUbin/Project-Ubin-Phase-2-Reimagining-RTGS.pdf?la=en&hash=0507773872C5256FE71285BAC633B14DC8C708AF
NCCU BFT Consensus for Go-Ethereum, (NCCU BFT, 2017), from: https://github.com/NCCUCS-PLSM/NCCU-BFT-for-Go-Ethereum/
Roberto Saltini and David Hyland-Wood (Saltini and Hyland-Wood, 2019), Correctness Analysis of Istanbul Byzantine Fault Tolerance, https://arxiv.org/pdf/1901.07160.pdf
Shafi Goldwasser, Silvio Micali, and Charles Rackoff. (Goldwasser et. al., 1989), The knowledge complexity of interactive proof systems. SIAM Journal on Computing, 18(1):186–208, 1989. Preliminary version appeared in STOC ’85.
Shashank Agrawal, Chaya Ganesh, and Payman Mohassel, (Agrawal et. al., 2018), Non-Interactive Zero-Knowledge Proofs for Composite Statements, https://eprint.iacr.org/2018/557.pdf
Solidity: A Contract Language for Ethereum Blockchains. (Solidity 2018), from: https://solidity.readthedocs.io/en/v0.4.24/, accessed 2018.12.29.
Vitalik Buterin, (2015), Ethereum White Paper: A Next-Generation Smart Contract and Decentralized Application Platform., from: https://github.com/ethereum/wiki/wiki/White-Paper
W ̈ohrer, M., Zdun, U., (W ̈ohrer & Zdun 2018), Design patterns for smart contracts in the Ethereum ecosys- tem. In: Proceedings of the 2018 IEEE Conference on Blockchain. pp. 1513–1520 (2018)
Xu, X., Weber, I., Staples, M., Zhu, L., Bosch, J., Bass, L., and Rimba, P. (2017, April). A taxonomy of blockchain-based systems for architecture design. In Software Architecture (ICSA), 2017 IEEE International Conference on (pp. 243-252). IEEE.
Ya Che Tsai, Raylin Tso, Zi-Yuan Liu, Kung Chen, (Tsai et. al., 2019) An Improved Non-Interactive Zero-Knowledge Range Proof for Decentralized Applications. IEEE DAPPCON 2019: 129-134
Ya Che Tsai, 非互動零知識值域證明及其應用Non-Interactive Zero-Knowledge Range Proof and Its Applications,碩士論文,國立政治大學資訊科學系,2019。
描述 碩士
國立政治大學
資訊科學系
107753004
資料來源 http://thesis.lib.nccu.edu.tw/record/#G0107753004
資料類型 thesis
dc.contributor.advisor 陳恭zh_TW
dc.contributor.advisor Chen, Kungen_US
dc.contributor.author (Authors) 賴晨和zh_TW
dc.contributor.author (Authors) Lai, Chen-Heen_US
dc.creator (作者) 賴晨和zh_TW
dc.creator (作者) Lai, Chen-Heen_US
dc.date (日期) 2020en_US
dc.date.accessioned 3-Aug-2020 17:59:11 (UTC+8)-
dc.date.available 3-Aug-2020 17:59:11 (UTC+8)-
dc.date.issued (上傳時間) 3-Aug-2020 17:59:11 (UTC+8)-
dc.identifier (Other Identifiers) G0107753004en_US
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/131115-
dc.description (描述) 碩士zh_TW
dc.description (描述) 國立政治大學zh_TW
dc.description (描述) 資訊科學系zh_TW
dc.description (描述) 107753004zh_TW
dc.description.abstract (摘要) 分散式帳簿技術(Distributed Ledger Technology, DLT)為區塊鏈重要的技術之一,具有去中介化與無法竄改資料等特性,且交易確認即近乎即時完成清算,有助於提供多方之間的非中心化交易系統架構。
但是對於民間企業,甚或是政府機構而言,區塊鏈技術的使用必須符合某種程度的管控與監理,以及隱私要求。所以近年來陸續有一些企業級的區塊鏈平台出現,針對這些需求提供特殊功能。本研究所使用的企業區塊鏈平台Quorum雖然有提供私有交易功能,可提供保障隱私的私有交易功能,但私有交易卻可能帶來私有帳本的分歧和不易監管等缺點。
本研究旨在探討使用密碼學技術增強企業區塊鏈交易安全之可行性技術研究,提出的方案核心構想是「交易內容可隱藏,但交易結果必須可公開檢驗」,技術上透過「公私混合式合約的軟體框架」搭配密碼學方法來實現的軟體架構。
此外本研究也對於使用公私合約交易架構產生的問題(deadlock、starvation等)討論了一些可能的解決方式,並提出了一些改善交易吞吐量的方式,期能提供企業未來導入區塊鏈技術時的參考。
zh_TW
dc.description.abstract (摘要) Blockchain has the characteristics of decentralization and tamper resistance, and transaction confirmation is almost immediate, which helps to provide decentralized transaction system architecture among multiple parties.
However, for enterprises or governments, the use of blockchain must meet a certain degree of management and supervisory requirements. Thus, there are several enterprise blockchain platforms emerged in the past few years, including Quorum, an Ethereum based enterprise blockchain. Although the Quorum platform provides private transactions to protect the privacy of trading parties, it may still cause transaction security issues such as inconsistent private states and supervision challenges.
This research aims to discuss the feasibility of using cryptography technology to enhance the transaction security of blockchain. The core concept scheme we proposed is "the transaction content can be hidden, but the transaction result must be publicly verifiable". Technically, the proposed "public-private hybrid contract software framework" with cryptographic methods can lay a foundation for developing the software architecture with enhanced transaction security.
In addition, this research also discusses some possible solutions to the problems arising from the use of public-private hybrid contract architecture, such as deadlock and starvation, and proposes some solution to improve transaction efficiency. We believe that our results have, to a certain degree, addressed the concerns of enterprises when adopting blockchain technology.
en_US
dc.description.tableofcontents 第一章 緒論 1
第一節 研究背景與動機 1
第二節 研究問題 4
第二章 技術背景與相關研究 7
第一節 區塊鏈與智能合約 7
第二節 Quorum 7
第三節 Quorum私有交易 8
第四節 密碼學與零知識證明 10
第三章 系統設計及架構 12
第一節 系統設計 12
第二節 智能合約設計 13
第三節 交易流程設計 15
第四節 系統架構 17
第四章 系統實作 20
第一節 基於 Quorum的聯盟鏈 20
第二節 同態加密與零知識值域證明 22
第三節 交易流程實作 23
第五章 實驗評估 27
第一節 功能測試 27
第二節 效能測試 30
第六章 結論與建議 34
第一節 結論 34
第二節 建議 34
參考文獻 35
zh_TW
dc.format.extent 2571801 bytes-
dc.format.mimetype application/pdf-
dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0107753004en_US
dc.subject (關鍵詞) 區塊鏈zh_TW
dc.subject (關鍵詞) 同態加密zh_TW
dc.subject (關鍵詞) 零知識證明zh_TW
dc.subject (關鍵詞) 隱私強化技術zh_TW
dc.subject (關鍵詞) Blockchainen_US
dc.subject (關鍵詞) Quorumen_US
dc.subject (關鍵詞) Homomorphic encryptionen_US
dc.subject (關鍵詞) Zero-knowledge proofen_US
dc.subject (關鍵詞) Privacy enhancing technologyen_US
dc.title (題名) 以密碼學技術強化企業區塊鏈平台Quorum的交易安全性zh_TW
dc.title (題名) Enhancing transaction security of enterprise blockchain platform Quorum with cryptographyen_US
dc.type (資料類型) thesisen_US
dc.relation.reference (參考文獻) 壹、中文部分
田皓允(2017)。基於區塊鏈與智能合約 應用系統設計 以群眾外包資訊系統為例。碩士論文,國立高雄應用科技大學,資訊管理研究所碩士班。
林久弘(2017)。以太坊智能合約安全之研究。碩士論文,國立中興大學,資訊管理學系所。
林修平(2017)。半中心化的區塊鏈智能合約:以太坊區塊鏈上的中心化驗證及鏈下計算的智能合約。碩士論文,國立臺灣大學,資訊工程學研究所。
徐粲翔(2017)。Gcoin 智能合約架構。碩士論文,國立臺灣大學,資訊網路與多媒體研究所。
陳奕安(2017)。利用區塊鏈智慧合約整合物聯網異質網路。碩士論文,國立臺灣科技大學,資訊管理系。
曾佩汶(2017)。應用區塊鏈技術與智能合約實現產品供應鏈溯源軟體模組之開發。碩士論文,國立高雄應用科技大學,電機工程系博碩士班。
鄭敬儒(2018)。基於行為驅動開發製程的區塊鏈智能合約整合測試。碩士論文,國立政治大學,資訊科學系。
蕭人和(2017)。利用智能合約實現分散式電子投票與電子投標系統。碩士論文,國立政治大學,資訊科學學系。
貳、英文部分
(Corda) R3 Corda, from: https://github.com/corda/corda
(Hyperledger) Hyperledger Fabric v1.0 Deep Dive, from: https://goo.gl/V8jPfH
(Quorum) J.P. Morgan Quorum, from: https://github.com/jpmorganchase/quorum
Arati Baliga, Subhod I, Pandurang Kamat and Siddhartha Chatterjee(Baliga et. al., 2018), Performance Evaluation of the Quorum Blockchain Platform, https://arxiv.org/pdf/1809.03421.pdf
Atzei, N., Bartoletti, M., Cimoli, T. (Atzei et al. 2017), A survey of attacks on Ethereum smart con- tracts (SoK). In: Proceedings of the 6th International Conference on Principles of Security and Trust (POST). pp. 164–186. Springer (April 2017)
Christian Cachin, Simon Schubert, Marko Vukolić (Cachin 2016), Non-Determinism in Byzantine Fault-Tolerant Replication, 20th International Conference on Principles of Distributed Systems (OPODIS 2016).
Chun-Feng Liao, Ching-Ju Cheng, Kung Chen, Chen-Ho Lai, Tien Chiu, and Chi Wu-Lee (Liao et al. 2017). Toward a Service Platform for Developing Smart Contracts on Blockchain in BDD and TDD styles. IEEE International Conference on Service-Oriented Computing & Applications (IEEE SOCA), Nov. 2017, Kanazawa, Japan. MOST 106-2221-E-004-003.
Chun-Feng Liao, Sheng-Wen Bao, Ching-Ju Cheng, and Kung Chen (Liao et al. ICCE, 2017). On Design Issues and Architectural Styles for Blockchain-driven IoT Services. IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS - TAIWAN (IEEE ICCE-Taiwan 2017), Taipei, Taiwan.
Chun-Wei Chen, Jian-Wei Su, Tung-Wei Kuo, and Kung Chen, (Chen et al. 2018), MSig-BFT: A Witness-Based Consensus Algorithm for Private Blockchains, The 2nd IEEE International Workshop on Blockchain Technologies and Systems (IEEE ICPADS-BCTS), 2018, 最佳論文獎
Eiichiro Fujisaki and Tatsuaki Okamoto (Fujisaki and Okamoto, 1997). Statistical zero knowledge protocols to prove modular polynomial relations. In Annual International, Cryptology Conference, pages 16–30. Springer, 1997.
Eli Ben Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza. (Sasson et. al., 2014) Zerocash: Decentralized anonymous payments from bitcoin. In 2014 IEEE Symposium on Security and Privacy (SP), pages 459–474. IEEE, 2014.
Kun Peng (Peng 2011). A general, flexible and efficient proof of inclusion and exclusion. In Cryptographers’ Track at the RSA Conference, pages 33– 48. Springer, 2011.
Kun Peng and Feng Bao (Peng and Bao, 2010). An efficient range proof scheme. In Social Computing (SocialCom), 2010 IEEE Second International Conference on, pages 826–833. IEEE, 2010.
Kun Peng and Feng Bao (Peng and Bao, 2010). Batch range proof for practical small ranges. In International Conference on Cryptology in Africa, pages 114–130. Springer, 2010.
Kun Peng and Li Yi (Peng and Yi, 2013). Studying a range proof technique—exception and optimisation. In International Conference on Cryptology in Africa, pages 328–341. Springer, 2013.
Kun Peng, Colin Boyd, and Ed Dawson (Kun et. al., 2007) Batch zero-knowledge proof and verification and its applications. ACM Transactions on Information and System Security (TISSEC), 10(2):6, 2007.
Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A. (Luu et al. 2016), Making smart contracts smarter. In: Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security (CCS). pp. 254–269. ACM (October 2016)
Monetary Authority of Singapore (Ubin 2, 2017), Project Ubin Phase 2: Re-imagine Interbank Real-Time Gross Settlement using Distributed Ledger Technology, Nov. 2017. https://www.mas.gov.sg/-/media/MAS/ProjectUbin/Project-Ubin-Phase-2-Reimagining-RTGS.pdf?la=en&hash=0507773872C5256FE71285BAC633B14DC8C708AF
NCCU BFT Consensus for Go-Ethereum, (NCCU BFT, 2017), from: https://github.com/NCCUCS-PLSM/NCCU-BFT-for-Go-Ethereum/
Roberto Saltini and David Hyland-Wood (Saltini and Hyland-Wood, 2019), Correctness Analysis of Istanbul Byzantine Fault Tolerance, https://arxiv.org/pdf/1901.07160.pdf
Shafi Goldwasser, Silvio Micali, and Charles Rackoff. (Goldwasser et. al., 1989), The knowledge complexity of interactive proof systems. SIAM Journal on Computing, 18(1):186–208, 1989. Preliminary version appeared in STOC ’85.
Shashank Agrawal, Chaya Ganesh, and Payman Mohassel, (Agrawal et. al., 2018), Non-Interactive Zero-Knowledge Proofs for Composite Statements, https://eprint.iacr.org/2018/557.pdf
Solidity: A Contract Language for Ethereum Blockchains. (Solidity 2018), from: https://solidity.readthedocs.io/en/v0.4.24/, accessed 2018.12.29.
Vitalik Buterin, (2015), Ethereum White Paper: A Next-Generation Smart Contract and Decentralized Application Platform., from: https://github.com/ethereum/wiki/wiki/White-Paper
W ̈ohrer, M., Zdun, U., (W ̈ohrer & Zdun 2018), Design patterns for smart contracts in the Ethereum ecosys- tem. In: Proceedings of the 2018 IEEE Conference on Blockchain. pp. 1513–1520 (2018)
Xu, X., Weber, I., Staples, M., Zhu, L., Bosch, J., Bass, L., and Rimba, P. (2017, April). A taxonomy of blockchain-based systems for architecture design. In Software Architecture (ICSA), 2017 IEEE International Conference on (pp. 243-252). IEEE.
Ya Che Tsai, Raylin Tso, Zi-Yuan Liu, Kung Chen, (Tsai et. al., 2019) An Improved Non-Interactive Zero-Knowledge Range Proof for Decentralized Applications. IEEE DAPPCON 2019: 129-134
Ya Che Tsai, 非互動零知識值域證明及其應用Non-Interactive Zero-Knowledge Range Proof and Its Applications,碩士論文,國立政治大學資訊科學系,2019。
zh_TW
dc.identifier.doi (DOI) 10.6814/NCCU202000872en_US