Proceedings ArticleDOI
How to Use Bitcoin to Incentivize Correct Computations
Ranjit Kumaresan,Iddo Bentov +1 more
- pp 30-41
Reads0
Chats0
TLDR
An efficient secure computation protocol is shown that monetarily penalizes an adversary that attempts to learn one bit of information but gets detected in the process and captures the amount of computational effort required to validate Bitcoin transactions required to implement it in Bitcoin.Abstract:
We study a model of incentivizing correct computations in a variety of cryptographic tasks. For each of these tasks we propose a formal model and design protocols satisfying our model's constraints in a hybrid model where parties have access to special ideal functionalities that enable monetary transactions. We summarize our results: Verifiable computation. We consider a setting where a delegator outsources computation to a worker who expects to get paid in return for delivering correct outputs. We design protocols that compile both public and private verification schemes to support incentivizations described above. Secure computation with restricted leakage. Building on the recent work of Huang et al. (Security and Privacy 2012), we show an efficient secure computation protocol that monetarily penalizes an adversary that attempts to learn one bit of information but gets detected in the process. Fair secure computation. Inspired by recent work, we consider a model of secure computation where a party that aborts after learning the output is monetarily penalized. We then propose an ideal transaction functionality FML and show a constant-round realization on the Bitcoin network. Then, in the FML-hybrid world we design a constant round protocol for secure computation in this model. Noninteractive bounties. We provide formal definitions and candidate realizations of noninteractive bounty mechanisms on the Bitcoin network which (1) allow a bounty maker to place a bounty for the solution of a hard problem by sending a single message, and (2) allow a bounty collector (unknown at the time of bounty creation) with the solution to claim the bounty, while (3) ensuring that the bounty maker can learn the solution whenever its bounty is collected, and (4) preventing malicious eavesdropping parties from both claiming the bounty as well as learning the solution. All our protocol realizations (except those realizing fair secure computation) rely on a special ideal functionality that is not currently supported in Bitcoin due to limitations imposed on Bitcoin scripts. Motivated by this, we propose validation complexity of a protocol, a formal complexity measure that captures the amount of computational effort required to validate Bitcoin transactions required to implement it in Bitcoin. Our protocols are also designed to take advantage of optimistic scenarios where participating parties behave honestly.read more
Citations
More filters
Proceedings ArticleDOI
Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts
TL;DR: In this article, the authors present Hawk, a decentralized smart contract system that does not store financial transactions in the clear on the blockchain, thus retaining transactional privacy from the public's view.
Journal ArticleDOI
Bitcoin and Beyond: A Technical Survey on Decentralized Digital Currencies
TL;DR: This survey unroll and structure the manyfold results and research directions of Bitcoin, and deduce the fundamental structures and insights at the core of the Bitcoin protocol and its applications.
Book ChapterDOI
The Bitcoin Backbone Protocol: Analysis and Applications
TL;DR: In this paper, the authors extract and analyze the core of the Bitcoin protocol and prove two fundamental properties which they call common prefix and chain quality in the static setting where the number of players remains fixed.
Posted Content
The Bitcoin Backbone Protocol: Analysis and Applications.
TL;DR: This work extracts and analyzes the core of the Bitcoin protocol, which is term the Bitcoin backbone, and proves two of its fundamental properties which are called common prefix and chain quality in the static setting where the number of players remains fixed.
Journal ArticleDOI
Integrated Blockchain and Edge Computing Systems: A Survey, Some Research Issues and Challenges
TL;DR: This survey investigates some of the work that has been done to enable the integrated blockchain and edge computing system and discusses the research challenges, identifying several vital aspects of the integration of blockchain andEdge computing: motivations, frameworks, enabling functionalities, and challenges.
References
More filters
Proceedings ArticleDOI
How to generate and exchange secrets
TL;DR: A new tool for controlling the knowledge transfer process in cryptographic protocol design is introduced and it is applied to solve a general class of problems which include most of the two-party cryptographic problems in the literature.
MonographDOI
Foundations of Cryptography
TL;DR: In this paper, the authors present a list of figures in the context of digital signatures and message authentication for general cryptographic protocols, including encryption, digital signatures, message authentication, and digital signatures.
Proceedings ArticleDOI
Founding crytpography on oblivious transfer
TL;DR: It is shown that this protocol, more commonly known as oblivious transfer, can be used to simulate a more sophisticated protocol,known as oblivious circuit evaluation([Y], and that with such a communication channel, one can have completely noninteractive zero-knowledge proofs of statements in NP.
Book ChapterDOI
Non-interactive verifiable computing: outsourcing computation to untrusted workers
TL;DR: Verifiable computation as mentioned in this paper allows a computationally weak client to outsource the computation of a function F on various dynamically-chosen inputs x 1,...,xk to one or more workers.