Risk Framework for Bitcoin Custody Operation with the Revault Protocol

• URL: http://arxiv.org/abs/2102.09392v2
• Date: Wed, 28 Apr 2021 10:45:34 GMT
• Title: Risk Framework for Bitcoin Custody Operation with the Revault Protocol
• Authors: Jacob Swambo and Antoine Poinsot
• Abstract summary: We present a risk model in the form of a library of attack-trees for Revault -- an open-source custody protocol. Our work exemplifies an approach that can be used independent of which custody protocol is being considered.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Our contributions with this paper are twofold. First, we elucidate the methodological requirements for a risk framework of custodial operations and argue for the value of this type of risk model as complementary with cryptographic and blockchain security models. Second, we present a risk model in the form of a library of attack-trees for Revault -- an open-source custody protocol. The model can be used by organisations as a risk quantification framework for a thorough security analysis in their specific deployment context. Our work exemplifies an approach that can be used independent of which custody protocol is being considered, including complex protocols with multiple stakeholders and active defence infrastructure.

Related papers

• On the Design and Security of Collective Remote Attestation Protocols [5.01030444913319]
  Collective remote attestation (CRA) is a security service that aims to efficiently identify compromised devices in a (heterogeneous) network. The last few years have seen an extensive growth in CRA protocol proposals, showing a variety of designs guided by different network topologies. We present Catt, a unifying framework for CRA protocols that enables them to be compared systematically.
  arXiv  Detail & Related papers  (2024-07-12T12:06:49Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• Performance-lossless Black-box Model Watermarking [69.22653003059031]
  We propose a branch backdoor-based model watermarking protocol to protect model intellectual property. In addition, we analyze the potential threats to the protocol and provide a secure and feasible watermarking instance for language models.
  arXiv  Detail & Related papers  (2023-12-11T16:14:04Z)
• Provably Secure Commitment-based Protocols over Unauthenticated Channels [0.0]
  We build a theoretic security framework to cover protocols whose characteristics may not always concur with existing models for authenticated exchanges. We propose a number of Commitment-based protocols to establish a shared secret between two parties, and study their resistance over unauthenticated channels. This means analyzing the security robustness of the protocol itself, and its robustness against Man-in-the-Middle attacks.
  arXiv  Detail & Related papers  (2023-07-28T10:35:35Z)
• Shared Adversarial Unlearning: Backdoor Mitigation by Unlearning Shared Adversarial Examples [67.66153875643964]
  Backdoor attacks are serious security threats to machine learning models. In this paper, we explore the task of purifying a backdoored model using a small clean dataset. By establishing the connection between backdoor risk and adversarial risk, we derive a novel upper bound for backdoor risk.
  arXiv  Detail & Related papers  (2023-07-20T03:56:04Z)
• FedZKP: Federated Model Ownership Verification with Zero-knowledge Proof [60.990541463214605]
  Federated learning (FL) allows multiple parties to cooperatively learn a federated model without sharing private data with each other. We propose a provable secure model ownership verification scheme using zero-knowledge proof, named FedZKP.
  arXiv  Detail & Related papers  (2023-05-08T07:03:33Z)
• Measuring Re-identification Risk [72.6715574626418]
  We present a new theoretical framework to measure re-identification risk in compact user representations. Our framework formally bounds the probability that an attacker may be able to obtain the identity of a user from their representation. We show how our framework is general enough to model important real-world applications such as the Chrome's Topics API for interest-based advertising.
  arXiv  Detail & Related papers  (2023-04-12T16:27:36Z)
• Categorical composable cryptography: extended version [1.1970409518725493]
  We formalize the simulation paradigm of cryptography in terms of category theory. We show that protocols secure against abstract attacks form a symmetric monoidal category. Our model is able to incorporate computational security, set-up assumptions and various attack models.
  arXiv  Detail & Related papers  (2022-08-28T15:07:00Z)
• Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond [57.10914865054868]
  We consider vertical logistic regression (VLR) trained with mini-batch descent gradient. We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
  arXiv  Detail & Related papers  (2022-07-19T05:47:30Z)
• Security of quantum key distribution from generalised entropy accumulation [2.1030878979833467]
  We provide a formal framework for general quantum key distribution protocols. We show that security against general attacks reduces to security against collective attacks. Our proof relies on a recently developed information-theoretic tool called generalised entropy accumulation.
  arXiv  Detail & Related papers  (2022-03-09T19:00:07Z)
• Composable Security for Multipartite Entanglement Verification [3.4806267677524896]
  We present a composably secure protocol allowing $n$ parties to test an entanglement generation resource controlled by a possibly dishonest party. The test consists only in local quantum operations and authenticated classical communication once a state is shared among them. Our protocol can typically be used as a subroutine in a Quantum Internet, to securely share a GHZ state among the network before performing a communication or computation protocol.
  arXiv  Detail & Related papers  (2020-04-16T14:33:17Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.