In:
The Computer Journal, Oxford University Press (OUP), Vol. 65, No. 9 ( 2022-09-16), p. 2430-2438
Abstract:
A redactable consortium blockchain (RCB) can build a trust layer for industrial internet of things (IIoT) so as to enable IIoT to resist certain powerful attacks resulting in improper block content. The redactability is particularly important for blockchains applied in IIoT with valuable or sensitive activities such as financial IoT or energy-trading IoT. Huang et al. proposed a threshold chameleon hash (TCH) scheme and then constructed an accountable-and-sanitizable chameleon signature scheme based on TCH. These two primitives are further used as fundamental modules to build an RCB, which empowers IIoT devices to operate the blockchain in a controllable way. However, our paper shows that Huang et al.’s RCB suffers from a security problem that weakens the crucial redactability. Specifically, we find out that if a transaction in a given block is legally redacted by all authorized sensors who collectively hold the private redacting key, anyone (without any private information) can further redact this redacted transaction and delete any transaction within this redacted block and, meanwhile, any sensor user with a private signing (not redacting) key can insert a forged transaction into this redacted block. We further address this threat by replacing the TCH module in Huang et al.’s RCB with our designed TCH.
Type of Medium:
Online Resource
ISSN:
0010-4620
,
1460-2067
DOI:
10.1093/comjnl/bxab080
Language:
English
Publisher:
Oxford University Press (OUP)
Publication Date:
2022
detail.hit.zdb_id:
1477172-X
Permalink