读书笔记（六）--Catena

Tomescu, Alin, and Srinivas Devadas. “Catena: Efficient nonequivocation via bitcoin.” 2017 IEEE Symposium on Security and Privacy (SP). IEEE, 2017.

A. Problem Statement

The paper targets the problem of new encryption method based on the blockchain. Particularly, how Catena uses Bitcoin’s underlying blockchain technology to prevent identity theft and encryption attacks?

B. Problem Significance

Blockchain and cryptocurrency technologies are not yet mature. There are still some initial problems and weaknesses in practice, and they lack a wide range of applications, which Catena accelerate the development of the technology and provide an extended test base for new technology solutions.
Specializing in blockchain-based cryptocurrency technology, it is expected to advance the significant development of cryptocurrencies and blockchains. At the same time, Catena also assumed the role of promotion of cryptocurrency. Catena completes the ambiguity elimination of encryption technology according to the bitcoin blockchain. Here, it is a very important issue to say different things to different organizations and bring more secure algorithms.

C. State of the Art

Bitcoin blockchains are immutable and decentralized in nature. To change the data set implemented by the Bitcoin blockchain, you need to break and modify the entire
distributed ledger. Therefore, it is impossible to attack and modify the integrated data set in the Bitcoin block. A key element of Catena’s system is that it does not record all public keys that are authenticated by the public key cryptosystem. Bitcoin transactions provide space for an 80-character text comment, but this is not enough to store all public keys. However, this can be used to store cryptographic signatures associated with these public keys.
Catena - just added to record the public statement each bitcoin transaction must involve the actual bitcoin transfer requirements. The user can simply transfer the bitcoin to himself, but this eliminates the possibility of transferring bitcoin to anyone else in the same block of the blockchain. Therefore, it also excludes equivocation within the block. In order to prevent equivocation between blocks, it is still necessary to confirm that the bitcoin that the Catena user spends in one block is the same as the bitcoin it spent last public assertion. But again, because the ability to verify the Bitcoin chain of custody is critical to the success of the entire Bitcoin system, it’s relatively easy. People who want to use Catena to audit all public assertions for a given Web service still need to download information from each block of the blockchain. But they only need to download a small encryption certificate for each block - about 600 bytes - instead of the full megabyte data of the block.
The Catena design concept has a log server, a client and a Header Relay Network (HRN). First, Catena uses Bitcoin blockchain technology and can reduce downloads because there is no need to download irrelevant content, using Merkle’s root to ensure non-equivocation. Catena ensures Key transparency, which prevents Man-in-the-middle (MITM) attacks. At the same time, Blockchain-based transparency can replace Bloom filtering, which means you can use Catena to track the Blockstack operations mentioned in the previous article. Software transparency can help us reject malware binary files. At the same time, Catena can also anonymize users in Tor. Moreover, Catena agrees on the collection of fees, which is fixed, so as to avoid one party opening a high price and generating a monopoly.
Back to the log server is the main role in Catena, but also plays a role in expanding the number of customers, spreading transactions and embedding them in Bitcoin’s P2P network. Because the HRN and P2P networks are connected, the customer usually confirms by querying the HRN. This avoids using too many Bitcoin P2P networks. Just taking the block header can also make the auditing cost very low. Catena checks each statement and can trace back to the genesis transaction.

D. Contributions

This paper proposes how the unchangeable blockchain of Bitcoin can be used to protect data for individuals and corporate organizations. Catena can be used by any service or application that wants to prove the linear history of its statements to its customers.
Essentially, the MIT research team’s cryptographic attack defence method uses a bitcoin-based detection system that sends a network alert if an erroneous encryption key wants to cancel the real encryption key. During the encryption attack, the attacker breaks into a public key encryption system and proves that a wrong encryption key is used to convince the user to disclose confidential information. By using this encryption key, an attacker can break through the system and steal sensitive data and valuable information. The problem with this type of encryption attack is that the wrong encryption key cannot cancel the real encryption key without triggering the system alarm. Usually, the system will have two encryption keys. In this way, the system and the user will not know if the real encryption key is being used to extract information.
This paper and the system developed by his MIT research team used the bitcoin public blockchain to solve this ambiguous problem of cryptographic attacks. Using Bitcoin’s unchangeability, Catena is a way to prevent online service attack spoofing and use incorrect encryption keys. Using Bitcoin will allow the system to prevent identity theft, and Catena will be implemented on a commercial scale, which could help large companies save millions of dollars a year. The paper is about using bitcoin to protect network services from fraud. When you are creating a distributed system and these systems will send digital signatures to each other, for example, these systems may be destroyed, and they may lie. They may say different things to different people. Catena prevents this. The Catena outlined in the paper is a practical idea that can be easily used and implemented. The abstract concept articulated in this paper is really a good idea—an idea that creates a smaller blockchain or linked list in a blockchain, specific to an account or purpose. It’s very cool, very good, easy to use, and clear.

E. Remaining Questions

Catena architecture is above Bitcoin, and various features are also dependent on Bitcoin. Possible attacks are also attacking against Bitcoin. If Bitcoin forks have problems, is Catena facing a crash?