Author: | Liu, Zhonghao |
Title: | Improving the security and reliability of application systems with blockchain technology |
Advisors: | Xiao, Bin (COMP) |
Degree: | M.Phil. |
Year: | 2023 |
Subject: | Blockchains (Databases) Application software -- Development Computer networks -- Security measures Hong Kong Polytechnic University -- Dissertations |
Department: | Department of Computing |
Pages: | xi, 89 pages : color illustrations |
Language: | English |
Abstract: | As the backbone of cryptocurrencies, blockchain technology records data in a chain of blocks and brings features, including decentralization and immutability, by cooperating with other core technologies. Many researchers start to explore the combination between blockchain technology and application system for improving system security and reliability. In this thesis, we focus on two application systems of the electronic voting system (E-voting system) and audit log system, and improve their security and reliability by utilizing blockchain and related technologies. Firstly, we note that existing E-voting systems cannot cover five core requirements in E-voting, i.e., auditability, privacy, authentication, correctness, and unreusability, which make them unpractical in the reality. We propose a Double Blockchain-based E-voting (DBE-voting) system, which consists of a private blockchain and a public blockchain. In the DBE-voting system, the voter information is only recorded in the private blockchain for further auditing and the voting results are recorded in both blockchains. This design ensures the voter’s privacy can be protected in the private blockchain while the voting results can be queried in the public blockchains for verifying the correctness of the election process. Moreover, the ballot recorded in both blockchains is signed with a valid linkable ring signature to ensure authentication and unreusability. We propose an on-chain and off-chain hybrid storage mechanism to ensure the consistency and correctness of voting data in the private blockchain and public blockchain. To evaluate our system, we implement a prototype of our system by Hyperledger Fabric. Experimental results demonstrate that the throughput of our system can reach 29 transactions per second when the block size is 512 KB. Furthermore, the security analysis shows that DBE-voting is the first blockchain-based system that can meet all five requirements for E-voting simultaneously. Secondly, we find that current audit log systems have a requirement of trusting the logger and auditor which may be compromised. Their centralized storage of log files also can cause single-point failure, preventing them from achieving data integrity. We propose a blockchain-based audit log system to address the above drawbacks while ensuring data integrity. We propose a general threat model in which the logger and auditor can both be untrusted and the log provider is trusted only when it generates log files. Under this threat model, we design a blockchain-based audit log system with multiple loggers and auditors to protect data integrity that can tolerate a certain number of malicious nodes. Our system adopts an efficient integrity proof generation method, which generates a sub-Non-Fungible Token (sub-NFT) for each log file and keeps it on the blockchain as the integrity proof. This method saves blockchain space and resolves the single-point failure problem by outsourcing log files to a distributed file system, the InterPlanetary File System (IPFS). To evaluate our system, we implement a prototype by Hyperledger Fabric. The results demonstrate that our system is reliable to tolerate one-third of colluded loggers and auditors. Our proof generation method can save approximately 50% storage space for Hyperledger Fabric compared with other blockchain-based audit log systems. Moreover, we provide security analysis to show that our system ensures log file data integrity under the general threat model. |
Rights: | All rights reserved |
Access: | open access |
Copyright Undertaking
As a bona fide Library user, I declare that:
- I will abide by the rules and legal ordinances governing copyright regarding the use of the Database.
- I will use the Database for the purpose of my research or private study only and not for circulation or further reproduction or any other purpose.
- I agree to indemnify and hold the University harmless from and against any loss, damage, cost, liability or expenses arising from copyright infringement or unauthorized usage.
By downloading any item(s) listed above, you acknowledge that you have read and understood the copyright undertaking as stated above, and agree to be bound by all of its terms.
Please use this identifier to cite or link to this item:
https://theses.lib.polyu.edu.hk/handle/200/12549