Curbing Address Reuse in the IOTA Distributed Ledger: A Cuckoo-Filter-Based Approach | IEEE Journals & Magazine | IEEE Xplore

Curbing Address Reuse in the IOTA Distributed Ledger: A Cuckoo-Filter-Based Approach


Abstract:

IOTA is a lightweight quantum-resistant distributed ledger protocol designed for Internet of Things devices. The protocol uses a one-time cryptographic signature scheme t...Show More
Topic: Blockchain Ecosystem: Technological and Management Challenges and Opportunities

Abstract:

IOTA is a lightweight quantum-resistant distributed ledger protocol designed for Internet of Things devices. The protocol uses a one-time cryptographic signature scheme that is resistant against attacks by quantum computers. This one-time signature scheme results in a portion of an address's private key being revealed in the signature of each outgoing transaction from that address. If an address is used for multiple outgoing transfers, it is feasible for an adversary to forge a signature by using parts of the private key associated with the address that have been revealed. In this paper, we propose the use of the cuckoo filter in the IOTA core lightweight client in order to avoid address reuse. We validate our proposed approach by implementation and evaluation in the real IOTA architecture. The obtained performance results show that the cuckoo filter integration in the IOTA core lightweight client avoids address reuse and makes the process of new address generation much more efficient and secure. Additionally, our approach can be integrated directly into the current IOTA core lightweight client.
Topic: Blockchain Ecosystem: Technological and Management Challenges and Opportunities
Published in: IEEE Transactions on Engineering Management ( Volume: 67, Issue: 4, November 2020)
Page(s): 1244 - 1255
Date of Publication: 03 July 2019

ISSN Information:

Author image of Sehrish Shafeeq
Department of Computer Science, Cyber Security Lab, COMSATS University, Islamabad, Pakistan
Sehrish Shafeeq received the M.S. degree in information security from COMSATS University, Islamabad, Pakistan, in 2019.
Her research interests include the Internet of Things, access control systems, cybersecurity, cloud computing, and blockchain.
Sehrish Shafeeq received the M.S. degree in information security from COMSATS University, Islamabad, Pakistan, in 2019.
Her research interests include the Internet of Things, access control systems, cybersecurity, cloud computing, and blockchain.View more
Author image of Sherali Zeadally
College of Communication and Information, University of Kentucky, Lexington, KY, USA
Sherali Zeadally received the bachelor's degree from the University of Cambridge, Cambridge, U.K., in 1991, and the Doctoral degree from the University of Buckingham, Buckingham, U.K., in 1996, both in computer science.
He is currently an Associate Professor with the College of Communication and Information, University of Kentucky, Lexington, KY, USA. His research interests include cybersecurity, privacy, Internet of Thing...Show More
Sherali Zeadally received the bachelor's degree from the University of Cambridge, Cambridge, U.K., in 1991, and the Doctoral degree from the University of Buckingham, Buckingham, U.K., in 1996, both in computer science.
He is currently an Associate Professor with the College of Communication and Information, University of Kentucky, Lexington, KY, USA. His research interests include cybersecurity, privacy, Internet of Thing...View more
Author image of Masoom Alam
Department of Computer Science, Cyber Security Lab, COMSATS University, Islamabad, Pakistan
Masoom Alam received the Ph.D. degree in information security from the University of Innsbruck, Innsbruck, Austria, 2007.
He is currently a Tenured Associate Professor with the Department of Computer Science, COMSATS University, Islamabad, Pakistan. He has more than 18 years of experience in teaching, system administration, and research and development in information security. He has completed two funded project from Natio...Show More
Masoom Alam received the Ph.D. degree in information security from the University of Innsbruck, Innsbruck, Austria, 2007.
He is currently a Tenured Associate Professor with the Department of Computer Science, COMSATS University, Islamabad, Pakistan. He has more than 18 years of experience in teaching, system administration, and research and development in information security. He has completed two funded project from Natio...View more
Author image of Abid Khan
Department of Computer Science, Cyber Security Lab, COMSATS University, Islamabad, Pakistan
Abid Khan received the Ph.D. degree in computer science/applied cryptography from the Harbin Institute of Technology, Harbin, China, in 2008.
He is currently an Assistant Professor with the Department of Computer Science, COMSATS University, Islamabad, Pakistan. He was a Postdoctoral Fellow with the Politecnico de Torino, Torino, Italy, from 2009 to 2011. He has more than 11 years of teaching, research, and development exp...Show More
Abid Khan received the Ph.D. degree in computer science/applied cryptography from the Harbin Institute of Technology, Harbin, China, in 2008.
He is currently an Assistant Professor with the Department of Computer Science, COMSATS University, Islamabad, Pakistan. He was a Postdoctoral Fellow with the Politecnico de Torino, Torino, Italy, from 2009 to 2011. He has more than 11 years of teaching, research, and development exp...View more

Author image of Sehrish Shafeeq
Department of Computer Science, Cyber Security Lab, COMSATS University, Islamabad, Pakistan
Sehrish Shafeeq received the M.S. degree in information security from COMSATS University, Islamabad, Pakistan, in 2019.
Her research interests include the Internet of Things, access control systems, cybersecurity, cloud computing, and blockchain.
Sehrish Shafeeq received the M.S. degree in information security from COMSATS University, Islamabad, Pakistan, in 2019.
Her research interests include the Internet of Things, access control systems, cybersecurity, cloud computing, and blockchain.View more
Author image of Sherali Zeadally
College of Communication and Information, University of Kentucky, Lexington, KY, USA
Sherali Zeadally received the bachelor's degree from the University of Cambridge, Cambridge, U.K., in 1991, and the Doctoral degree from the University of Buckingham, Buckingham, U.K., in 1996, both in computer science.
He is currently an Associate Professor with the College of Communication and Information, University of Kentucky, Lexington, KY, USA. His research interests include cybersecurity, privacy, Internet of Things, computer networks, mobile computing, and energy-efficient networking.
Dr. Zeadally is a Fellow of the British Computer Society and the Institution of Engineering Technology, U.K.
Sherali Zeadally received the bachelor's degree from the University of Cambridge, Cambridge, U.K., in 1991, and the Doctoral degree from the University of Buckingham, Buckingham, U.K., in 1996, both in computer science.
He is currently an Associate Professor with the College of Communication and Information, University of Kentucky, Lexington, KY, USA. His research interests include cybersecurity, privacy, Internet of Things, computer networks, mobile computing, and energy-efficient networking.
Dr. Zeadally is a Fellow of the British Computer Society and the Institution of Engineering Technology, U.K.View more
Author image of Masoom Alam
Department of Computer Science, Cyber Security Lab, COMSATS University, Islamabad, Pakistan
Masoom Alam received the Ph.D. degree in information security from the University of Innsbruck, Innsbruck, Austria, 2007.
He is currently a Tenured Associate Professor with the Department of Computer Science, COMSATS University, Islamabad, Pakistan. He has more than 18 years of experience in teaching, system administration, and research and development in information security. He has completed two funded project from National ICT R&D. He is the Director of the CyberSecurity Lab, COMSATS University, where his research focuses on highly specialized topics of security such as security monitoring, cross domain access control in enterprise resource planning systems, trusted computing, access control, and security in open-source mobile platforms.
Masoom Alam received the Ph.D. degree in information security from the University of Innsbruck, Innsbruck, Austria, 2007.
He is currently a Tenured Associate Professor with the Department of Computer Science, COMSATS University, Islamabad, Pakistan. He has more than 18 years of experience in teaching, system administration, and research and development in information security. He has completed two funded project from National ICT R&D. He is the Director of the CyberSecurity Lab, COMSATS University, where his research focuses on highly specialized topics of security such as security monitoring, cross domain access control in enterprise resource planning systems, trusted computing, access control, and security in open-source mobile platforms.View more
Author image of Abid Khan
Department of Computer Science, Cyber Security Lab, COMSATS University, Islamabad, Pakistan
Abid Khan received the Ph.D. degree in computer science/applied cryptography from the Harbin Institute of Technology, Harbin, China, in 2008.
He is currently an Assistant Professor with the Department of Computer Science, COMSATS University, Islamabad, Pakistan. He was a Postdoctoral Fellow with the Politecnico de Torino, Torino, Italy, from 2009 to 2011. He has more than 11 years of teaching, research, and development experience. He has supervised a number of M.S. and Ph.D. students over the last few years. His research interests include applied cryptography, blockchain security, and algorithms.
Dr. Khan is an Associate Editor for the IEEE Access.
Abid Khan received the Ph.D. degree in computer science/applied cryptography from the Harbin Institute of Technology, Harbin, China, in 2008.
He is currently an Assistant Professor with the Department of Computer Science, COMSATS University, Islamabad, Pakistan. He was a Postdoctoral Fellow with the Politecnico de Torino, Torino, Italy, from 2009 to 2011. He has more than 11 years of teaching, research, and development experience. He has supervised a number of M.S. and Ph.D. students over the last few years. His research interests include applied cryptography, blockchain security, and algorithms.
Dr. Khan is an Associate Editor for the IEEE Access.View more

References

References is not available for this document.