Title Enhancing transaction security of enterprise blockchain platform Quorum with cryptography
(以密碼學技術強化企業區塊鏈平台Quorum的交易安全性)
Author Lai, Chen-He (賴晨和)
Contributors Chen, Kung (陳恭)
Lai, Chen-He (賴晨和)
Keywords Blockchain
Quorum
Homomorphic encryption
Zero-knowledge proof
Privacy enhancing technology
Date 2020
Upload time 3-Aug-2020 17:59:11 (UTC+8)
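Abstract (Chinese version, in translation) Distributed Ledger Technology (DLT) is one of the key technologies behind blockchain. It is disintermediated and tamper-resistant, and settlement completes almost immediately once a transaction is confirmed, which helps provide a decentralized transaction system architecture among multiple parties.
However, for private enterprises, and even government agencies, the use of blockchain technology must meet a certain degree of control and supervision, as well as privacy requirements. In recent years, therefore, a number of enterprise-grade blockchain platforms have appeared that offer special features for these needs. Quorum, the enterprise blockchain platform used in this research, provides a private transaction feature that protects privacy, but private transactions can bring drawbacks such as divergence of private ledgers and difficulty of supervision.
This research investigates the technical feasibility of using cryptographic techniques to strengthen the transaction security of enterprise blockchains. The core idea of the proposed scheme is that "transaction content can be hidden, but the transaction result must be publicly verifiable"; technically, it is a software architecture realized through a "public-private hybrid contract software framework" combined with cryptographic methods.
In addition, this research discusses some possible solutions to the problems that arise from the public-private contract transaction architecture (deadlock, starvation, etc.) and proposes some ways to improve transaction throughput, in the hope of providing a reference for enterprises that adopt blockchain technology in the future.
Abstract (English version) Blockchain has the characteristics of decentralization and tamper resistance, and transaction confirmation is almost immediate, which helps to provide a decentralized transaction system architecture among multiple parties.
However, for enterprises or governments, the use of blockchain must meet a certain degree of management and supervisory requirements. Thus, several enterprise blockchain platforms have emerged in the past few years, including Quorum, an Ethereum-based enterprise blockchain. Although the Quorum platform provides private transactions to protect the privacy of trading parties, it may still cause transaction security issues such as inconsistent private states and supervision challenges.
This research aims to discuss the feasibility of using cryptographic techniques to enhance the transaction security of blockchain. The core concept of the scheme we propose is "the transaction content can be hidden, but the transaction result must be publicly verifiable". Technically, the proposed "public-private hybrid contract software framework" with cryptographic methods can lay a foundation for developing a software architecture with enhanced transaction security.
In addition, this research also discusses some possible solutions to the problems arising from the use of the public-private hybrid contract architecture, such as deadlock and starvation, and proposes some solutions to improve transaction efficiency. We believe that our results have, to a certain degree, addressed the concerns of enterprises when adopting blockchain technology.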
Description Master's
National Chengchi University
Department of Computer Science
107753004
Source http://thesis.lib.nccu.edu.tw/record/#G0107753004
Type thesis
dc.contributor.advisor Chen, Kung (陳恭)
dc.identifier (Other Identifiers) G0107753004
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/131115
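dc.description.tableofcontents Chapter 1 Introduction
Section 1 Research background and motivation
Section 2 Research questions
Chapter 2 Technical background and related work
Section 1 Blockchain and smart contracts
Section 2 Quorum
Section 3 Quorum private transactions
Section 4 Cryptography and zero-knowledge proofs
Chapter 3 System design and architecture
Section 1 System design
Section 2 Smart contract design
Section 3 Transaction flow design
Section 4 System architecture
Chapter 4 System implementation
Section 1 Quorum-based consortium blockchain
Section 2 Homomorphic encryption and zero-knowledge range proofs
Section 3 Transaction flow implementation
Chapter 5 Experimental evaluation
Section 1 Functional testing
Section 2 Performance testing
Chapter 6 Conclusions and recommendations
Section 1 Conclusions
Section 2 Recommendations
References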
dc.format.extent 2571801 bytes
dc.format.mimetype application/pdf
dc.identifier.doi (DOI) 10.6814/NCCU202000872