The Library
Authenticated key exchange over bitcoin
Tools
McCorry, Patrick, Shahandashti, Siamak F., Clarke, Dylan and Hao, Feng (2015) Authenticated key exchange over bitcoin. In: Second International Conference, SSR 2015 , Tokyo, Japan, 15-16 Dec 2015. Published in: Security Standardisation Research, 9497 pp. 3-20. ISBN 9783319271514. doi:10.1007/978-3-319-27152-1_1 ISSN 0302-9743.
Research output not available from this repository.
Request-a-Copy directly from author or use local Library Get it For Me service.
Official URL: http://dx.doi.org/10.1007/978-3-319-27152-1_1
Abstract
Bitcoin is designed to protect user anonymity (or pseudonymity) in a financial transaction, and has been increasingly adopted by major ecommerce websites such as Dell, PayPal and Expedia. While the anonymity of Bitcoin transactions has been extensively studied, little attention has been paid to the security of post-transaction correspondence. In a commercial application, the merchant and the user often need to engage in follow-up correspondence after a Bitcoin transaction is completed, e.g., to acknowledge the receipt of payment, to confirm the billing address, to arrange the product delivery, to discuss refund and so on. Currently, such follow-up correspondence is typically done in plaintext via email with no guarantee on confidentiality. Obviously, leakage of sensitive data from the correspondence (e.g., billing address) can trivially compromise the anonymity of Bitcoin users. In this paper, we initiate the first study on how to realise end-to-end secure communication between Bitcoin users in a post-transaction scenario without requiring any trusted third party or additional authentication credentials. This is an important new area that has not been covered by any IEEE or ISO/IEC security standard, as none of the existing PKI-based or password-based AKE schemes are suitable for the purpose. Instead, our idea is to leverage the Bitcoin’s append-only ledger as an additional layer of authentication between previously confirmed transactions. This naturally leads to a new category of AKE protocols that bootstrap trust entirely from the block chain. We call this new category “Bitcoin-based AKE” and present two concrete protocols: one is non-interactive with no forward secrecy, while the other is interactive with additional guarantee of forward secrecy. Finally, we present proof-of-concept prototypes for both protocols with experimental results to demonstrate their practical feasibility.
Item Type: | Conference Item (Paper) | ||||
---|---|---|---|---|---|
Divisions: | Faculty of Science, Engineering and Medicine > Science > Computer Science | ||||
Journal or Publication Title: | Security Standardisation Research | ||||
Publisher: | Springer | ||||
ISBN: | 9783319271514 | ||||
ISSN: | 0302-9743 | ||||
Book Title: | Security Standardisation Research | ||||
Official Date: | 9 December 2015 | ||||
Dates: |
|
||||
Volume: | 9497 | ||||
Page Range: | pp. 3-20 | ||||
DOI: | 10.1007/978-3-319-27152-1_1 | ||||
Status: | Not Peer Reviewed | ||||
Publication Status: | Published | ||||
Access rights to Published version: | Restricted or Subscription Access | ||||
Conference Paper Type: | Paper | ||||
Title of Event: | Second International Conference, SSR 2015 | ||||
Type of Event: | Conference | ||||
Location of Event: | Tokyo, Japan | ||||
Date(s) of Event: | 15-16 Dec 2015 |
Request changes or add full text files to a record
Repository staff actions (login required)
View Item |