Research on Wallet Protection Against Currency Failure in Blockchain

doi:10.3778/j.issn.1673-9418.1912056

Abstract

Abstract:

The protection of blockchain wallet is the basis of secure transaction in blockchain. Private key is the core of wallet security. The private key cannot be protected based on a reliable third party. Therefore, the loss or theft of private key will lead to the loss of customer property. To solve this problem, a distributed protection and recovery mechanism is proposed. Every wallet private key is divided into multiple key fragments by threshold key mechanism according to the network scale. Even if the wallet is offline, the threshold number of holders holding key fragements from the wallet cooperates to distribute key fragments to new members, which keeps the update of key fragments synchronized. When the key is lost, the number of private key fragments exceeding the threshold of half the blockchain member scale can ensure the recovery of the private key. The dynamic threshold mechanism design makes the attacker must attack more than half of the members to steal the wallet private key successfully. The hash based shard key tree can quickly detect the number of key fragments smaller than the specified size, the invalid key fragments are detected and eliminated efficiently in the network, and the integrity of the global private key is guaranteed. The suggested method of wallet protection is feasible from the aspect of secure storage.

Key words: blockchain, wallet, threshold cryptography, distributed storage, security

摘要：

区块链钱包保护是区块链中的安全交易基础，私钥是钱包安全的核心，私钥不能基于可靠第三方进行保护，因此私钥丢失或被盗将导致客户财产的损失。针对该问题，提出一种分布式钱包保护和恢复机制，通过门限密钥机制根据网络规模将钱包私钥分成多份密钥碎片，即使密钥持有者离线，门限数量的持有者为新成员分配密钥碎片，保持密钥碎片更新的同步，当密钥丢失后，超过区块链成员规模半数的私钥碎片能够保证私钥的恢复，动态的门限机制设计使得攻击者必须成功攻击半数成员以上才能窃取钱包私钥。基于哈希值的碎片密钥树能够快速检测出规模小于规定数量的密钥碎片，消除网络中失效的密钥碎片，保证全局私钥的完整性。建议方案证明通过安全存储方式保护钱包是可行的。

关键词: 区块链, 钱包, 门限密钥, 分布式存储, 安全

ZHOU Jian, SUN Liyan, FU Ming. Research on Wallet Protection Against Currency Failure in Blockchain[J]. Journal of Frontiers of Computer Science and Technology, 2020, 14(12): 2039-2049.

周健，孙丽艳，付明. 抗货币失效的区块链钱包保护协议研究[J]. 计算机科学与探索, 2020, 14(12): 2039-2049.

References

[1] Underwood S. Blockchain beyond bitcoin[J]. Communications of the ACM, 2016, 59(11): 15-17.
[2] Nakamoto S. Bitcoin: a peer-to-peer electronic cash system [EB/OL]. [2019-09-24]. https://bitcoin.org/bitcoin.pdf.
[3] Salah K, Rehman M H, Nizamuddin N, et al. Blockchain for AI: review and open research challenges[J]. IEEE Access, 2019, 7: 10127-10149.
[4] Ferrag M A, Derdour M, Mukherjee M, et al. Blockchain technologies for the internet of things: research issues and challenges[J]. IEEE Internet of Things Journal, 2018, 6(2): 2188-2204.
[5] Agbo C, Mahmoud Q, Eklund J. Blockchain technology in healthcare: a systematic review[J]. Healthcare, 2019, 7(2): 56.
[6] Wang X, Feng L B, Zhang H. Human resource information management model based on blockchain technology[C]//Proceedings of the 2017 IEEE Symposium on Service-Oriented System Engineering, San Francisco, Apr 6-9, 2017. Washington: IEEE Computer Society, 2017: 168-173.
[7] Boireau O. Securing the blockchain against hackers[J]. Network Security, 2018(1): 8-11.
[8] Feng Q, He D H, Zeadally S, et al. A survey on privacy protection in blockchain system[J]. Journal of Network and Computer Applications, 2018, 126: 45-58.
[9] Shen X, Pei Q Q, Liu X F. Survey of block chain[J]. Chinese Journal of Network and Information Security, 2016, 2(11): 11-20. 沈鑫, 裴庆祺, 刘雪峰. 区块链技术综述[J]. 网络与信息安全学报, 2016, 2(11): 11-20.
[10] Singh S, Singh N. Blockchain: future of financial and cyber security[C]//Proceedings of the 2nd International Conference on Contemporary Computing and Informatics, Noida, Dec 14-17, 2016. Piscataway: IEEE, 2016: 463-467.
[11] Dasgupta D, Shrein J M, Gupta K D. A survey of blockchain from security perspective[J]. Journal of Banking and Financial Technology, 2019, 3(1): 1-17.
[12] Kaushal P K, Bagga A, Sobti R. Evolution of bitcoin and security risk in bitcoin wallets[C]//Proceedings of the 2017 International Conference on Computer, Communications and Electronics, Jaipur, Jul 1-2, 2017. Piscataway: IEEE, 2017: 172-177.
[13] Liu A D, Du X H, Wang N. Research progress of blockchain technology and its application in information security[J]. Journal of Software, 2018, 29(7): 2092-2115. 刘敖迪, 杜学绘, 王娜. 区块链技术及其在信息安全领域的研究进展[J]. 软件学报, 2018, 29(7): 2092-2115.
[14] Wang H, Song X F, Ke J M, et al. Blockchain and privacy preserving mechanisms in cryptocurrency[J]. Netinfo Security, 2017(7): 32-39. 王皓, 宋祥福, 柯俊明, 等. 数字货币中的区块链及其隐私保护机制[J]. 信息网络安全, 2017(7): 32-39.
[15] Zhu L H, Gao F, Shen M. Survey on privacy preserving techniques for blockchain technology[J]. Journal of Computer Research and Development, 2017, 54(10): 2170-2186.祝烈煌, 高峰, 沈蒙. 区块链隐私保护研究综述[J]. 计算机研究与发展, 2017, 54(10): 2170-2186.
[16] Zheng Z, Xie S, Dai H, et al. An overview of blockchain technology: architecture, consensus, and future trends[C]//Proceedings of the 2017 IEEE International Congress on Big Data, Honolulu, Jun 25-30, 2017. Piscataway: IEEE, 2017: 557-564.
[17] Desmedt Y G. Threshold cryptography[J]. European Transactions on Telecommunications, 1994, 5(4): 449-458.
[18] Liu Y, Li R, Liu X. An efficient method to enhance Bitcoin wallet security[C]//Proceedings of the 11th IEEE International Conference on Anti-counterfeiting, Security, and Identification, Xiamen, Oct 27-29, 2017. Piscataway: IEEE, 2017: 26-29.
[19] Bamert T, Decker C, Wattenhofer R, et al. Bluewallet: the secure bitcoin wallet[C]//LNCS 8743: Proceedings of the 10th International Workshop on Security and Trust Management, Wroclaw, Sep 10-11, 2014. Berlin, Heidelberg: Springer, 2014: 65-80.
[20] Kolb J, AbdelBaky M, Katz R H. Core concepts, challenges, and future directions in blockchain: a centralized tutorial[J]. ACM Computing Surveys, 2020, 53(1): 1-39.
[21] Shao Q F, Jin C Q, Zhang Z. Blockchain: architecture and research progress[J]. Chinese Journal of Computers, 2018, 41(5): 969-988. 邵奇峰, 金澈清, 张召. 区块链技术: 架构及进展[J]. 计算机学报, 2018, 41(5): 969-988.
[22] Zhou Z C, Li L X, Guo S, et al. Biometric and password two-factor cross domain authentication scheme based on blockchain technology[J]. Journal of Computer Applications, 2018, 38(6): 1620-1627. 周致成, 李立新, 郭松, 等. 基于区块链技术的生物特征和口令双因子跨域认证方案[J]. 计算机应用, 2018, 38(6): 1620-1627.
[23] Gennaro R, Goldfeder S, Narayanan A. Threshold optimal DSA/ECDSA signatures and an application to bitcoin wallet security[C]//LNCS 9696: Proceedings of the 14th International Conference on Applied Cryptography and Network Security, Guildford, Jun 19-22, 2016. Berlin, Heidelberg: Springer, 2016: 156-174.
[24] Dikshit P, Sing K. Weighted threshold ECDSA for securing bitcoin wallet[C]//Proceedings of the ISEA Asia Security and Privacy, Surat, Feb 2-3, 2017. Piscataway: IEEE, 2017: 1-4.
[25] Goldfeder S, Bonneau J, Kroll J A, et al. Securing bitcoin wallets via threshold signatures[R/OL]. Princeton: Princeton University, Feb 27, 2019: 1-14[2019-09-24]. http://diyhpl.us/~bryan/papers2/bitcoin/Securing%20Bitcoin%20wallets%20via%20threshold%20signatures.pdf.
[26] Shamir A. How to share a secret[J]. Communications of the ACM, 1979, 22(11): 612-613.