Cryptocurrencies like Bitcoin are increasingly popular. At first glance, they have many advantages: transactions are generally anonymous, fast and inexpensive. But sometimes there are issues with them. In some situations, fraud is possible, users may discover information about other users that should be kept secret, and sometimes delays occur.
The “Security and Privacy” research unit of TU Wien (Lukas Aumayr and his supervisor Prof. Matteo Maffei), in collaboration with the IMDEA Software Institute (Prof. Pedro Moreno-Sanchez, previously a postdoc at TU Wien) and Purdue University (Prof. Aniket Kate), analyzed these issues and developed an improved protocol. It has now been published and will be presented this year at the USENIX Security Symposium – one of the world’s “Big Four” conferences on computer security, considered very prestigious.
The Bitcoin Bottleneck
“It has long been known that Bitcoin and other blockchain technologies have a scalability problem: there can only be a maximum of ten transactions per second,” explains Lukas Aumayr of the Security and Privacy Research Unit at TU Wien. “That’s very low compared to credit card companies, for example, which conduct tens of thousands of transactions per second around the world.”
One approach to solving this problem is the “Lightning Network” – an additional network of payment channels between blockchain users. For example, if two people want to process many transactions in a short period of time, they can exchange payments directly with each other in this way, without each individual transaction being published on the blockchain. It is only at the beginning and at the end of this series of transactions that there is an official entry into the blockchain.
These “secondary branches” of the blockchain can also be made relatively complicated, with chains of multiple users. “Problems can arise during the process,” says Lukas Aumayr. “In some cases, users can then get data about other users. In addition, each member of this chain has to contribute a certain amount of money, which is locked in as collateral. Sometimes a transaction fails, and then a lot of money can stay locked up for a relatively long period of time – the more people involved, the longer.”
Mathematically exclude vulnerabilities
The TU Wien research team analyzed how this transaction protocol can be improved and developed an alternative construction. “You can analyze the security of such protocols using formal methods. Thus, we can mathematically prove that our new protocol does not allow certain errors and certain problems in any situation,” explains Aumayr.
This makes it possible to exclude very specific critical security attacks that were previously possible, and also to avoid money being locked for long periods: “Previously, two communication cycles were necessary: in the first round, the money is locked, in the second round, it is released – or refunded if there is a problem. This could mean an extra day of delay for each user on that chain. With our protocol, the communication chain only needs to be executed once,” explains Lukas Aumayr.
Simulation proves practicality
However, it is not only the fundamental logical structure of the new protocol that is important, but also its practicality. Therefore, the team simulated the behavior of the new technology in a network of payment channels and compared it to the existing Lightning Network. The advantages of the new protocol became particularly evident: depending on the situation, for example whether or not there are attacks and fraud attempts, the new protocol results in a factor of 4 to 33 fewer failed transactions than the conventional Lightning Network.
The TU Wien team is already in contact with development organizations of the Lightning Network. “Of course, we hope that our technology will be quickly deployed, or at least offered as a safer alternative to current technology,” says Lukas Aumayr. “Technically, it could be implemented immediately.”
Research Unit “Security and Privacy”
Institute of Logic and Computation
Favoritenstraße 9-11, 1040 Vienna, Austria
+43 1 58801 192611