Blockchains' Oracle Authentication using Physical Context as 2FA
Abstract
Oracles are entities that feed blockchains with information from the external world. In this work, we use physical context-based authentication as a second factor of authentication to oracles. This idea takes advantage of information from the physical world to identify an oracle based on its behavior. Thus this strategy does not depend on trusty third parties. We implement our proposal for a distributed measuring system describe in the literature. Our results demonstrate that our proposal makes oracles' authentication more robust, since it aggregates physical context information and so offers natural protection against attacks involving measurements tampering.
Keywords:
blockchains, oracles, authentication
References
Adler, J., Berryhill, R., Veneris, A., Poulos, Z., Veira, N., and Kastania, A. (2018). As-traea: A decentralized blockchain oracle. In 2018 IEEE International Conference onInternet of Things (iThings) and IEEE Green Computing and Communications (Gre-enCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE SmartData (SmartData), pages 1145-1152. IEEE.
Ali, S. S.M., George, B., Vanajakshi, L., and Venkatraman, J. (2011). A Multiple LoopVehicle Detection System for Heterogeneous and Lane-less Traffic. IEEE Transactionson Instrumentation and Measurement 61(5):1413-1417.
Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Enyeart,D., Ferris, C., Laventman, G., Manevich, Y., Muralidharan, S., Murthy, C., Nguyen, B.,Sethi, M., Singh, G., Smith, K., Sorniotti, A., Stathakopoulou, C., Vukolié, M., Cocco,S. W., and Yellick, J. (2018). Hyperledger Fabric: A Distributed Operating Systemfor Permissioned Blockchains. In Proceedings of the Thirteenth EuroSys Conference,Porto, Portugal.
Cachin, C. and Vukolié, M. (2017). Blockchain Consensus Protocols in the Wild. In 37International Symposium on Distributed Computing, pages 1-16.
Christidis, K. and Devetsikiotis, M. (2016). Blockchains and Smart Contracts for theInternet of Things. IEEE Access, 4:2292-2303.
Companhia de Engenharia de Tráfego - CET (2017). Pesquisa de monitoramento da mobi-lidade: mobilidade no sistema viário principal: volume e velocidade - 2015. Technicalreport, Governo do Estado de São Paulo.
Dai, H.-N., Zheng, Z., and Zhang, Y. (2019). Blockchain for Internet of Things: A Survey.IEEE Internet of Things Journal, 6(5):8076-—-8094.
Dey, A. K. and Abowd, G. D. (1999). Towards a Better Understanding of Context andContext-Awareness. Computing Systems, 40(3):304-307.
Gordon, G. (2017). Provenance and Authentication of Oracle Sensor Data with BlockChain Lightweight Wireless Network Authentication Scheme for Constrained OracleSensors. Master thesis, Saint Mary's University, Halifax, Nova Scotia.
Habib, K. and Leister, W. (2015). Context-Aware Authentication for the Internet ofThings. In International Conference on Autonomic and Autonomous Systems Context-Aware, pages 134-139.
Juuti, M., Vaas, C., Sluganovic, I., Liljestrand, H., Asokan, N., and Martinovic, I. (2017).STASH: Securing transparent authentication schemes using prover-side proximity ve-rification. In 14th Annual IEEE International Conference on Sensing, Communication,and Networking (SECON).
Karapanos, N., Marforio, C., Soriente, C., and Capkun, S. (2015). Sound-proof: usabletwo-factor authentication based on ambient sound. Proceedings of the 24th USENIXConference on Security Symposium (SEC '15), pages 483-498.
Ki, Y. K. and Baik, D. K. (2006). Model for accurate speed measurement using double-loop detectors. IEEE Transactions on Vehicular Technology, 55(4):1094-1101.
Ma, L., Kaneko, K., Sharma, S., and Sakurai, K. (2019). Reliable decentralized oraclewith mechanisms for verification and disputation. Proceedings - 2019 7th InternationalSymposium on Computing and Networking Workshops, CANDARW 2019, pages 346-352.
Mammadzada, K., Igbal, M., Payman Milani, F., García-Baíuelos, L., and Matulevitius,R. (2020). Blockchain Oracles: A Framework for Blockchain-Based Applications(SLR Protocol and Results).
Mauw, S. and Piramuthu, S. (2013). A PUF-based authentication protocol to addressticket-switching of RFID-tagged items. Lecture Notes in Computer Science, 8th Inter-national Workshop on Security and Trust Management, 7783:209-224.
Melo Jr., W. S., Bessani, A., Neves, N., Santin, A. O., and Carmo, L. F.R. C. (2019).Using Blockchains to Implement Distributed Measuring Systems. IEEE Transactionson Instrumentation and Measurement, 68(5):1503-1512.
Melo Jr., W. S., Machado, R. C. S., and Carmo, L. F. (2018). Using Physical Context-Based Authentication against External Attacks: Models and Protocols. Security andCommunication Networks, 2018:1-15.
Nakamoto, S. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System. Available athttps://bitcoin.org/bitcoin.pdf.
Rostami, M., Juels, A., and Koushanfar, F. (2013). Heart-to-Heart (H2H): Authenticationfor Implanted Medical Devices. Proceedings of the 2013 ACM SIGSAC conference onComputer & communications security - CCS'13, pages 1099-1112.
Sousa, J., Bessani, A., and Vukolié, M. (2018). A Byzantine Fault-Tolerant OrderingService for the Hyperledger Fabric Blockchain Platform. In DSN'18: The IEEE/IFIPInternational Conference on Dependable Systems and Networks.
Vukolié, M. (2016). The quest for scalable blockchain fabric: Proof-of-work vs. BFTreplication. Lecture Notes in Computer Science (including subseries Lecture Notes inArtificial Intelligence and Lecture Notes in Bioinformatics), 9591:112-125.
WELMEC (2015). European Cooperation in Legal Metrology - WELMEC 7.2, 2015:Software Guide.
Zhang, F., Cecchetti, E., Croman, K., Juels, A., and Shi, E. (2016). Town Crier: Anauthenticated data feed for smart contracts. In 23rd ACM Conference on Computerand Communications Security, CCS 2016, pages 270-282.
Zheng, Z., Xie, S., Dai, H.-N., and Wang, H. (2017). Blockchain Challenges and Oppor-tunities : A Survey. International Journal of Web and Grid Services, pages 1-24.
Ali, S. S.M., George, B., Vanajakshi, L., and Venkatraman, J. (2011). A Multiple LoopVehicle Detection System for Heterogeneous and Lane-less Traffic. IEEE Transactionson Instrumentation and Measurement 61(5):1413-1417.
Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Enyeart,D., Ferris, C., Laventman, G., Manevich, Y., Muralidharan, S., Murthy, C., Nguyen, B.,Sethi, M., Singh, G., Smith, K., Sorniotti, A., Stathakopoulou, C., Vukolié, M., Cocco,S. W., and Yellick, J. (2018). Hyperledger Fabric: A Distributed Operating Systemfor Permissioned Blockchains. In Proceedings of the Thirteenth EuroSys Conference,Porto, Portugal.
Cachin, C. and Vukolié, M. (2017). Blockchain Consensus Protocols in the Wild. In 37International Symposium on Distributed Computing, pages 1-16.
Christidis, K. and Devetsikiotis, M. (2016). Blockchains and Smart Contracts for theInternet of Things. IEEE Access, 4:2292-2303.
Companhia de Engenharia de Tráfego - CET (2017). Pesquisa de monitoramento da mobi-lidade: mobilidade no sistema viário principal: volume e velocidade - 2015. Technicalreport, Governo do Estado de São Paulo.
Dai, H.-N., Zheng, Z., and Zhang, Y. (2019). Blockchain for Internet of Things: A Survey.IEEE Internet of Things Journal, 6(5):8076-—-8094.
Dey, A. K. and Abowd, G. D. (1999). Towards a Better Understanding of Context andContext-Awareness. Computing Systems, 40(3):304-307.
Gordon, G. (2017). Provenance and Authentication of Oracle Sensor Data with BlockChain Lightweight Wireless Network Authentication Scheme for Constrained OracleSensors. Master thesis, Saint Mary's University, Halifax, Nova Scotia.
Habib, K. and Leister, W. (2015). Context-Aware Authentication for the Internet ofThings. In International Conference on Autonomic and Autonomous Systems Context-Aware, pages 134-139.
Juuti, M., Vaas, C., Sluganovic, I., Liljestrand, H., Asokan, N., and Martinovic, I. (2017).STASH: Securing transparent authentication schemes using prover-side proximity ve-rification. In 14th Annual IEEE International Conference on Sensing, Communication,and Networking (SECON).
Karapanos, N., Marforio, C., Soriente, C., and Capkun, S. (2015). Sound-proof: usabletwo-factor authentication based on ambient sound. Proceedings of the 24th USENIXConference on Security Symposium (SEC '15), pages 483-498.
Ki, Y. K. and Baik, D. K. (2006). Model for accurate speed measurement using double-loop detectors. IEEE Transactions on Vehicular Technology, 55(4):1094-1101.
Ma, L., Kaneko, K., Sharma, S., and Sakurai, K. (2019). Reliable decentralized oraclewith mechanisms for verification and disputation. Proceedings - 2019 7th InternationalSymposium on Computing and Networking Workshops, CANDARW 2019, pages 346-352.
Mammadzada, K., Igbal, M., Payman Milani, F., García-Baíuelos, L., and Matulevitius,R. (2020). Blockchain Oracles: A Framework for Blockchain-Based Applications(SLR Protocol and Results).
Mauw, S. and Piramuthu, S. (2013). A PUF-based authentication protocol to addressticket-switching of RFID-tagged items. Lecture Notes in Computer Science, 8th Inter-national Workshop on Security and Trust Management, 7783:209-224.
Melo Jr., W. S., Bessani, A., Neves, N., Santin, A. O., and Carmo, L. F.R. C. (2019).Using Blockchains to Implement Distributed Measuring Systems. IEEE Transactionson Instrumentation and Measurement, 68(5):1503-1512.
Melo Jr., W. S., Machado, R. C. S., and Carmo, L. F. (2018). Using Physical Context-Based Authentication against External Attacks: Models and Protocols. Security andCommunication Networks, 2018:1-15.
Nakamoto, S. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System. Available athttps://bitcoin.org/bitcoin.pdf.
Rostami, M., Juels, A., and Koushanfar, F. (2013). Heart-to-Heart (H2H): Authenticationfor Implanted Medical Devices. Proceedings of the 2013 ACM SIGSAC conference onComputer & communications security - CCS'13, pages 1099-1112.
Sousa, J., Bessani, A., and Vukolié, M. (2018). A Byzantine Fault-Tolerant OrderingService for the Hyperledger Fabric Blockchain Platform. In DSN'18: The IEEE/IFIPInternational Conference on Dependable Systems and Networks.
Vukolié, M. (2016). The quest for scalable blockchain fabric: Proof-of-work vs. BFTreplication. Lecture Notes in Computer Science (including subseries Lecture Notes inArtificial Intelligence and Lecture Notes in Bioinformatics), 9591:112-125.
WELMEC (2015). European Cooperation in Legal Metrology - WELMEC 7.2, 2015:Software Guide.
Zhang, F., Cecchetti, E., Croman, K., Juels, A., and Shi, E. (2016). Town Crier: Anauthenticated data feed for smart contracts. In 23rd ACM Conference on Computerand Communications Security, CCS 2016, pages 270-282.
Zheng, Z., Xie, S., Dai, H.-N., and Wang, H. (2017). Blockchain Challenges and Oppor-tunities : A Survey. International Journal of Web and Grid Services, pages 1-24.
Published
2020-12-07
How to Cite
MELO JUNIOR, Wilson de Souza; CARMO, Luiz Fernando Rust da Costa.
Blockchains' Oracle Authentication using Physical Context as 2FA. In: BLOCKCHAIN WORKSHOP: THEORY, TECHNOLOGY AND APPLICATIONS (WBLOCKCHAIN), 3. , 2020, Rio de Janeiro.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2020
.
p. 27-40.
DOI: https://doi.org/10.5753/wblockchain.2020.12431.
