[{"publication_identifier":{"issn":["1868-8969"],"isbn":["9783959773034"]},"month":"10","doi":"10.4230/LIPIcs.AFT.2023.7","conference":{"end_date":"2023-10-25","start_date":"2023-10-23","location":"Princeton, NJ, United States","name":"AFT: Conference on Advances in Financial Technologies"},"language":[{"iso":"eng"}],"tmp":{"name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","short":"CC BY (4.0)","image":"/images/cc_by.png"},"oa":1,"main_file_link":[{"url":"https://eprint.iacr.org/2021/1643","open_access":"1"}],"quality_controlled":"1","file_date_updated":"2023-11-13T08:44:34Z","article_number":"7","author":[{"full_name":"Beaver, Donald","first_name":"Donald","last_name":"Beaver"},{"first_name":"Mahimna","last_name":"Kelkar","full_name":"Kelkar, Mahimna"},{"first_name":"Kevin","last_name":"Lewi","full_name":"Lewi, Kevin"},{"first_name":"Valeria","last_name":"Nikolaenko","full_name":"Nikolaenko, Valeria"},{"full_name":"Sonnino, Alberto","first_name":"Alberto","last_name":"Sonnino"},{"last_name":"Chalkias","first_name":"Konstantinos","full_name":"Chalkias, Konstantinos"},{"full_name":"Kokoris Kogias, Eleftherios","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","first_name":"Eleftherios","last_name":"Kokoris Kogias"},{"full_name":"Naurois, Ladi De","last_name":"Naurois","first_name":"Ladi De"},{"last_name":"Roy","first_name":"Arnab","full_name":"Roy, Arnab"}],"volume":282,"date_updated":"2023-11-13T08:52:01Z","date_created":"2023-11-12T23:00:55Z","year":"2023","acknowledgement":"Work done when all the authors were at Novi Research, Meta.","department":[{"_id":"ElKo"}],"publisher":"Schloss Dagstuhl - Leibniz-Zentrum für Informatik","publication_status":"published","article_processing_charge":"Yes","has_accepted_license":"1","day":"01","scopus_import":"1","date_published":"2023-10-01T00:00:00Z","citation":{"ama":"Beaver D, Kelkar M, Lewi K, et al. STROBE: Streaming Threshold Random Beacons. In: 5th Conference on Advances in Financial Technologies. Vol 282. Schloss Dagstuhl - Leibniz-Zentrum für Informatik; 2023. doi:10.4230/LIPIcs.AFT.2023.7","ista":"Beaver D, Kelkar M, Lewi K, Nikolaenko V, Sonnino A, Chalkias K, Kokoris Kogias E, Naurois LD, Roy A. 2023. STROBE: Streaming Threshold Random Beacons. 5th Conference on Advances in Financial Technologies. AFT: Conference on Advances in Financial Technologies, LIPIcs, vol. 282, 7.","apa":"Beaver, D., Kelkar, M., Lewi, K., Nikolaenko, V., Sonnino, A., Chalkias, K., … Roy, A. (2023). STROBE: Streaming Threshold Random Beacons. In 5th Conference on Advances in Financial Technologies (Vol. 282). Princeton, NJ, United States: Schloss Dagstuhl - Leibniz-Zentrum für Informatik. https://doi.org/10.4230/LIPIcs.AFT.2023.7","ieee":"D. Beaver et al., “STROBE: Streaming Threshold Random Beacons,” in 5th Conference on Advances in Financial Technologies, Princeton, NJ, United States, 2023, vol. 282.","mla":"Beaver, Donald, et al. “STROBE: Streaming Threshold Random Beacons.” 5th Conference on Advances in Financial Technologies, vol. 282, 7, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2023, doi:10.4230/LIPIcs.AFT.2023.7.","short":"D. Beaver, M. Kelkar, K. Lewi, V. Nikolaenko, A. Sonnino, K. Chalkias, E. Kokoris Kogias, L.D. Naurois, A. Roy, in:, 5th Conference on Advances in Financial Technologies, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2023.","chicago":"Beaver, Donald, Mahimna Kelkar, Kevin Lewi, Valeria Nikolaenko, Alberto Sonnino, Konstantinos Chalkias, Eleftherios Kokoris Kogias, Ladi De Naurois, and Arnab Roy. “STROBE: Streaming Threshold Random Beacons.” In 5th Conference on Advances in Financial Technologies, Vol. 282. Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2023. https://doi.org/10.4230/LIPIcs.AFT.2023.7."},"publication":"5th Conference on Advances in Financial Technologies","abstract":[{"text":"We revisit decentralized random beacons with a focus on practical distributed applications. Decentralized random beacons (Beaver and So, Eurocrypt'93) provide the functionality for n parties to generate an unpredictable sequence of bits in a way that cannot be biased, which is useful for any decentralized protocol requiring trusted randomness. Existing beacon constructions are highly inefficient in practical settings where protocol parties need to rejoin after crashes or disconnections, and more significantly where smart contracts may rely on arbitrary index points in high-volume streams. For this, we introduce a new notion of history-generating decentralized random beacons (HGDRBs). Roughly, the history-generation property of HGDRBs allows for previous beacon outputs to be efficiently generated knowing only the current value and the public key. At application layers, history-generation supports registering a sparser set of on-chain values if desired, so that apps like lotteries can utilize on-chain values without incurring high-frequency costs, enjoying all the benefits of DRBs implemented off-chain or with decoupled, special-purpose chains. Unlike rollups, HG is tailored specifically to recovering and verifying pseudorandom bit sequences and thus enjoys unique optimizations investigated in this work. We introduce STROBE: an efficient HGDRB construction which generalizes the original squaring-based RSA approach of Beaver and So. STROBE enjoys several useful properties that make it suited for practical applications that use beacons: 1) history-generating: it can regenerate and verify high-throughput beacon streams, supporting sparse (thus cost-effective) ledger entries; 2) concisely self-verifying: NIZK-free, with state and validation employing a single ring element; 3) eco-friendly: stake-based rather than work based; 4) unbounded: refresh-free, addressing limitations of Beaver and So; 5) delay-free: results are immediately available. 6) storage-efficient: the last beacon suffices to derive all past outputs, thus O(1) storage requirements for nodes serving the whole history.","lang":"eng"}],"type":"conference","alternative_title":["LIPIcs"],"oa_version":"Published Version","file":[{"access_level":"open_access","file_name":"2023_LIPIcs_Beaver.pdf","file_size":793495,"content_type":"application/pdf","creator":"dernst","relation":"main_file","file_id":"14521","checksum":"c1f98831cb5149d6c030c41999e6e960","success":1,"date_created":"2023-11-13T08:44:34Z","date_updated":"2023-11-13T08:44:34Z"}],"_id":"14516","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","intvolume":" 282","status":"public","ddc":["000"],"title":"STROBE: Streaming Threshold Random Beacons"},{"month":"08","publication_identifier":{"isbn":["9781713879497"]},"conference":{"location":"Anaheim, CA, United States","start_date":"2023-08-09","end_date":"2023-08-11","name":"USENIX Security Symposium"},"language":[{"iso":"eng"}],"oa":1,"main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2022/1389"}],"quality_controlled":"1","project":[{"name":"Secure Network and Hardware for Efficient Blockchains","_id":"34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f","grant_number":"F8512"}],"file_date_updated":"2023-11-28T09:14:34Z","author":[{"last_name":"Das","first_name":"Sourav","full_name":"Das, Sourav"},{"full_name":"Xiang, Zhuolun","first_name":"Zhuolun","last_name":"Xiang"},{"last_name":"Kokoris Kogias","first_name":"Eleftherios","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","full_name":"Kokoris Kogias, Eleftherios"},{"full_name":"Ren, Ling","first_name":"Ling","last_name":"Ren"}],"date_updated":"2023-11-28T09:17:38Z","date_created":"2023-11-26T23:00:55Z","volume":8,"year":"2023","acknowledgement":"The authors would like to thank Amit Agarwal, Andrew Miller, and Tom Yurek for the helpful discussions related to the paper. This work is funded in part by a VMware early career faculty grant, a Chainlink Labs Ph.D. fellowship, the National Science Foundation, and the Austrian Science Fund (FWF) F8512-N.","publication_status":"published","publisher":"Usenix","department":[{"_id":"ElKo"}],"day":"15","has_accepted_license":"1","article_processing_charge":"No","scopus_import":"1","date_published":"2023-08-15T00:00:00Z","publication":"32nd USENIX Security Symposium","citation":{"chicago":"Das, Sourav, Zhuolun Xiang, Eleftherios Kokoris Kogias, and Ling Ren. “Practical Asynchronous High-Threshold Distributed Key Generation and Distributed Polynomial Sampling.” In 32nd USENIX Security Symposium, 8:5359–76. Usenix, 2023.","mla":"Das, Sourav, et al. “Practical Asynchronous High-Threshold Distributed Key Generation and Distributed Polynomial Sampling.” 32nd USENIX Security Symposium, vol. 8, Usenix, 2023, pp. 5359–76.","short":"S. Das, Z. Xiang, E. Kokoris Kogias, L. Ren, in:, 32nd USENIX Security Symposium, Usenix, 2023, pp. 5359–5376.","ista":"Das S, Xiang Z, Kokoris Kogias E, Ren L. 2023. Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling. 32nd USENIX Security Symposium. USENIX Security Symposium vol. 8, 5359–5376.","ieee":"S. Das, Z. Xiang, E. Kokoris Kogias, and L. Ren, “Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling,” in 32nd USENIX Security Symposium, Anaheim, CA, United States, 2023, vol. 8, pp. 5359–5376.","apa":"Das, S., Xiang, Z., Kokoris Kogias, E., & Ren, L. (2023). Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling. In 32nd USENIX Security Symposium (Vol. 8, pp. 5359–5376). Anaheim, CA, United States: Usenix.","ama":"Das S, Xiang Z, Kokoris Kogias E, Ren L. Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling. In: 32nd USENIX Security Symposium. Vol 8. Usenix; 2023:5359-5376."},"page":"5359-5376","abstract":[{"text":"Distributed Key Generation (DKG) is a technique to bootstrap threshold cryptosystems without a trusted party. DKG is an essential building block to many decentralized protocols such as randomness beacons, threshold signatures, Byzantine consensus, and multiparty computation. While significant progress has been made recently, existing asynchronous DKG constructions are inefficient when the reconstruction threshold is larger than one-third of the total nodes. In this paper, we present a simple and concretely efficient asynchronous DKG (ADKG) protocol among n = 3t + 1 nodes that can tolerate up to t malicious nodes and support any reconstruction threshold ℓ ≥ t. Our protocol has an expected O(κn3) communication cost, where κ is the security parameter, and only assumes the hardness of the Discrete Logarithm. The\r\ncore ingredient of our ADKG protocol is an asynchronous protocol to secret share a random polynomial of degree ℓ ≥ t, which has other applications, such as asynchronous proactive secret sharing and asynchronous multiparty computation. We implement our high-threshold ADKG protocol and evaluate it using a network of up to 128 geographically distributed nodes. Our evaluation shows that our high-threshold ADKG protocol reduces the running time by 90% and bandwidth usage by 80% over the state-of-the-art.","lang":"eng"}],"type":"conference","oa_version":"Published Version","file":[{"file_id":"14621","relation":"main_file","success":1,"checksum":"1a730765930138e23c6efd2575872641","date_created":"2023-11-28T09:14:34Z","date_updated":"2023-11-28T09:14:34Z","access_level":"open_access","file_name":"2023_USENIX_Das.pdf","creator":"dernst","content_type":"application/pdf","file_size":704331}],"_id":"14609","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","status":"public","ddc":["000"],"title":"Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling","intvolume":" 8"},{"file_date_updated":"2023-08-22T06:37:48Z","acknowledgement":"This work was supported in part by the Coordenação de Aperfeiçoamento de Pessoal de Nivel Superior (CAPES)—Brazil (CAPES), in part by the Fundação para a Ciência e Tecnologia (FCT) under Project UIDB/50021/2020 and Grant 2020.05270.BD, in part by the Project COSMOS (via the Orçamento de Estado (OE) with ref. PTDC/EEI-COM/29271/2017 and via the ‘‘Programa Operacional Regional de Lisboa na sua componente Fundo Europeu de Desenvolvimento Regional (FEDER)’’ with ref. Lisboa-01-0145-FEDER-029271), and in part by the project Angainor with reference LISBOA-01-0145-FEDER-031456 as well as supported by Meta Platforms for the project key Transparency at Scale.","year":"2023","publication_status":"published","publisher":"Institute of Electrical and Electronics Engineers","department":[{"_id":"ElKo"}],"author":[{"orcid":"0000-0001-7227-8309","id":"f09651b9-fec0-11ec-b5d8-934aff0e52a4","last_name":"Neiheiser","first_name":"Ray","full_name":"Neiheiser, Ray"},{"first_name":"Gustavo","last_name":"Inacio","full_name":"Inacio, Gustavo"},{"first_name":"Luciana","last_name":"Rech","full_name":"Rech, Luciana"},{"last_name":"Montez","first_name":"Carlos","full_name":"Montez, Carlos"},{"full_name":"Matos, Miguel","first_name":"Miguel","last_name":"Matos"},{"first_name":"Luis","last_name":"Rodrigues","full_name":"Rodrigues, Luis"}],"date_created":"2023-08-09T12:09:57Z","date_updated":"2023-12-13T12:14:52Z","volume":11,"month":"08","publication_identifier":{"issn":["2169-3536"]},"external_id":{"isi":["000927831000001"]},"tmp":{"name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","short":"CC BY (4.0)","image":"/images/cc_by.png"},"oa":1,"isi":1,"quality_controlled":"1","doi":"10.1109/access.2023.3237897","language":[{"iso":"eng"}],"type":"journal_article","abstract":[{"lang":"eng","text":"Most permissionless blockchains inherently suffer from throughput limitations. Layer-2 systems, such as side-chains or Rollups, have been proposed as a possible strategy to overcome this limitation. Layer-2 systems interact with the main-chain in two ways. First, users can move funds from/to the main-chain to/from the layer-2. Second, layer-2 systems periodically synchronize with the main-chain to keep some form of log of their activity on the main-chain - this log is key for security. Due to this interaction with the main-chain, which is necessary and recurrent, layer-2 systems impose some load on the main-chain. The impact of such load on the main-chain has been, so far, poorly understood. In addition to that, layer-2 approaches typically sacrifice decentralization and security in favor of higher throughput. This paper presents an experimental study that analyzes the current state of Ethereum layer-2 projects. Our goal is to assess the load they impose on Ethereum and to understand their scalability potential in the long-run. Our analysis shows that the impact of any given layer-2 on the main-chain is the result of both technical aspects (how state is logged on the main-chain) and user behavior (how often users decide to transfer funds between the layer-2 and the main-chain). Based on our observations, we infer that without efficient mechanisms that allow users to transfer funds in a secure and fast manner directly from one layer-2 project to another, current layer-2 systems will not be able to scale Ethereum effectively, regardless of their technical solutions. Furthermore, from our results, we conclude that the layer-2 systems that offer similar security guarantees as Ethereum have limited scalability potential, while approaches that offer better performance, sacrifice security and lead to an increase in centralization which runs against the end-goals of permissionless blockchains."}],"_id":"13988","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","ddc":["000"],"status":"public","title":"Practical limitations of Ethereum’s layer-2","intvolume":" 11","file":[{"relation":"main_file","file_id":"14166","checksum":"4b80b0ff212edf7e5842fbdd53784432","success":1,"date_updated":"2023-08-22T06:37:48Z","date_created":"2023-08-22T06:37:48Z","access_level":"open_access","file_name":"2023_IEEEAccess_Neiheiser.pdf","file_size":1289285,"content_type":"application/pdf","creator":"dernst"}],"oa_version":"Published Version","scopus_import":"1","keyword":["General Engineering","General Materials Science","General Computer Science","Electrical and Electronic Engineering"],"day":"01","article_processing_charge":"Yes","has_accepted_license":"1","publication":"IEEE Access","citation":{"mla":"Neiheiser, Ray, et al. “Practical Limitations of Ethereum’s Layer-2.” IEEE Access, vol. 11, Institute of Electrical and Electronics Engineers, 2023, pp. 8651–62, doi:10.1109/access.2023.3237897.","short":"R. Neiheiser, G. Inacio, L. Rech, C. Montez, M. Matos, L. Rodrigues, IEEE Access 11 (2023) 8651–8662.","chicago":"Neiheiser, Ray, Gustavo Inacio, Luciana Rech, Carlos Montez, Miguel Matos, and Luis Rodrigues. “Practical Limitations of Ethereum’s Layer-2.” IEEE Access. Institute of Electrical and Electronics Engineers, 2023. https://doi.org/10.1109/access.2023.3237897.","ama":"Neiheiser R, Inacio G, Rech L, Montez C, Matos M, Rodrigues L. Practical limitations of Ethereum’s layer-2. IEEE Access. 2023;11:8651-8662. doi:10.1109/access.2023.3237897","ista":"Neiheiser R, Inacio G, Rech L, Montez C, Matos M, Rodrigues L. 2023. Practical limitations of Ethereum’s layer-2. IEEE Access. 11, 8651–8662.","apa":"Neiheiser, R., Inacio, G., Rech, L., Montez, C., Matos, M., & Rodrigues, L. (2023). Practical limitations of Ethereum’s layer-2. IEEE Access. Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/access.2023.3237897","ieee":"R. Neiheiser, G. Inacio, L. Rech, C. Montez, M. Matos, and L. Rodrigues, “Practical limitations of Ethereum’s layer-2,” IEEE Access, vol. 11. Institute of Electrical and Electronics Engineers, pp. 8651–8662, 2023."},"article_type":"original","page":"8651-8662","date_published":"2023-08-01T00:00:00Z"},{"publisher":"Springer Nature","department":[{"_id":"ElKo"},{"_id":"GradSch"}],"publication_status":"published","year":"2023","acknowledgement":"Eleftherios Kokoris-Kogias is partially supported by Austrian Science Fund (FWF) grant No: F8512-N.","volume":13950,"date_updated":"2024-01-08T09:28:14Z","date_created":"2024-01-08T09:17:38Z","author":[{"id":"a20e8902-32b0-11ee-9fa8-b23fa638b793","last_name":"Stefo","first_name":"Christos","full_name":"Stefo, Christos"},{"last_name":"Xiang","first_name":"Zhuolun","full_name":"Xiang, Zhuolun"},{"full_name":"Kokoris Kogias, Eleftherios","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","first_name":"Eleftherios","last_name":"Kokoris Kogias"}],"project":[{"name":"Secure Network and Hardware for Efficient Blockchains","grant_number":"F8512","_id":"34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f"}],"quality_controlled":"1","main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2022/1554"}],"oa":1,"language":[{"iso":"eng"}],"doi":"10.1007/978-3-031-47754-6_1","conference":{"end_date":"2023-05-05","start_date":"2023-05-01","location":"Bol, Brac, Croatia","name":"FC: Financial Cryptography and Data Security"},"publication_identifier":{"issn":["1611-3349"],"eisbn":["9783031477546"],"isbn":["9783031477539"],"eissn":["0302-9743"]},"month":"12","intvolume":" 13950","title":"Executing and proving over dirty ledgers","status":"public","_id":"14735","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","oa_version":"Preprint","alternative_title":["LNCS"],"type":"conference","abstract":[{"lang":"eng","text":"Scaling blockchain protocols to perform on par with the expected needs of Web3.0 has been proven to be a challenging task with almost a decade of research. In the forefront of the current solution is the idea of separating the execution of the updates encoded in a block from the ordering of blocks. In order to achieve this, a new class of protocols called rollups has emerged. Rollups have as input a total ordering of valid and invalid transactions and as output a new valid state-transition.\r\nIf we study rollups from a distributed computing perspective, we uncover that rollups take as input the output of a Byzantine Atomic Broadcast (BAB) protocol and convert it to a State Machine Replication (SMR) protocol. BAB and SMR, however, are considered equivalent as far as distributed computing is concerned and a solution to one can easily be retrofitted to solve the other simply by adding/removing an execution step before the validation of the input.\r\nThis “easy” step of retrofitting an atomic broadcast solution to implement an SMR has, however, been overlooked in practice. In this paper, we formalize the problem and show that after BAB is solved, traditional impossibility results for consensus no longer apply towards an SMR. Leveraging this we propose a distributed execution protocol that allows reduced execution and storage cost per executor (O(log2n/n)) without relaxing the network assumptions of the underlying BAB protocol and providing censorship-resistance. Finally, we propose efficient non-interactive light client constructions that leverage our efficient execution protocols and do not require any synchrony assumptions or expensive ZK-proofs."}],"page":"3-20","citation":{"ieee":"C. Stefo, Z. Xiang, and E. Kokoris Kogias, “Executing and proving over dirty ledgers,” in 27th International Conference on Financial Cryptography and Data Security, Bol, Brac, Croatia, 2023, vol. 13950, pp. 3–20.","apa":"Stefo, C., Xiang, Z., & Kokoris Kogias, E. (2023). Executing and proving over dirty ledgers. In 27th International Conference on Financial Cryptography and Data Security (Vol. 13950, pp. 3–20). Bol, Brac, Croatia: Springer Nature. https://doi.org/10.1007/978-3-031-47754-6_1","ista":"Stefo C, Xiang Z, Kokoris Kogias E. 2023. Executing and proving over dirty ledgers. 27th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13950, 3–20.","ama":"Stefo C, Xiang Z, Kokoris Kogias E. Executing and proving over dirty ledgers. In: 27th International Conference on Financial Cryptography and Data Security. Vol 13950. Springer Nature; 2023:3-20. doi:10.1007/978-3-031-47754-6_1","chicago":"Stefo, Christos, Zhuolun Xiang, and Eleftherios Kokoris Kogias. “Executing and Proving over Dirty Ledgers.” In 27th International Conference on Financial Cryptography and Data Security, 13950:3–20. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-47754-6_1.","short":"C. Stefo, Z. Xiang, E. Kokoris Kogias, in:, 27th International Conference on Financial Cryptography and Data Security, Springer Nature, 2023, pp. 3–20.","mla":"Stefo, Christos, et al. “Executing and Proving over Dirty Ledgers.” 27th International Conference on Financial Cryptography and Data Security, vol. 13950, Springer Nature, 2023, pp. 3–20, doi:10.1007/978-3-031-47754-6_1."},"publication":"27th International Conference on Financial Cryptography and Data Security","date_published":"2023-12-01T00:00:00Z","scopus_import":"1","article_processing_charge":"No","day":"01"},{"quality_controlled":"1","language":[{"iso":"eng"}],"conference":{"end_date":"2023-06-09","start_date":"2023-06-06","location":"Alcalá de Henares, Spain","name":"SIROCCO: Structural Information and Communication Complexity"},"doi":"10.1007/978-3-031-32733-9_10","month":"06","publication_identifier":{"issn":["0302-9743"],"eisbn":["9783031327339"],"eissn":["1611-3349"],"isbn":["9783031327322"]},"publication_status":"published","department":[{"_id":"ElKo"}],"publisher":"Springer Nature","acknowledgement":"The work was partially supported by the Austrian Science Fund (FWF) through the project CoRaF (grant agreement 2020388).","year":"2023","date_created":"2024-01-08T12:56:46Z","date_updated":"2024-01-09T07:40:57Z","volume":13892,"author":[{"full_name":"Avarikioti, Zeta","first_name":"Zeta","last_name":"Avarikioti"},{"first_name":"Antoine","last_name":"Desjardins","id":"06d0c166-aec1-11ee-a7c0-b96e840a602b","full_name":"Desjardins, Antoine"},{"full_name":"Kokoris Kogias, Eleftherios","last_name":"Kokoris Kogias","first_name":"Eleftherios","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30"},{"first_name":"Roger","last_name":"Wattenhofer","full_name":"Wattenhofer, Roger"}],"page":"199-245","publication":"30th International Colloquium on Structural Information and Communication Complexity","citation":{"chicago":"Avarikioti, Zeta, Antoine Desjardins, Eleftherios Kokoris Kogias, and Roger Wattenhofer. “Divide & Scale: Formalization and Roadmap to Robust Sharding.” In 30th International Colloquium on Structural Information and Communication Complexity, 13892:199–245. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-32733-9_10.","mla":"Avarikioti, Zeta, et al. “Divide & Scale: Formalization and Roadmap to Robust Sharding.” 30th International Colloquium on Structural Information and Communication Complexity, vol. 13892, Springer Nature, 2023, pp. 199–245, doi:10.1007/978-3-031-32733-9_10.","short":"Z. Avarikioti, A. Desjardins, E. Kokoris Kogias, R. Wattenhofer, in:, 30th International Colloquium on Structural Information and Communication Complexity, Springer Nature, 2023, pp. 199–245.","ista":"Avarikioti Z, Desjardins A, Kokoris Kogias E, Wattenhofer R. 2023. Divide & Scale: Formalization and roadmap to robust sharding. 30th International Colloquium on Structural Information and Communication Complexity. SIROCCO: Structural Information and Communication Complexity, LNCS, vol. 13892, 199–245.","apa":"Avarikioti, Z., Desjardins, A., Kokoris Kogias, E., & Wattenhofer, R. (2023). Divide & Scale: Formalization and roadmap to robust sharding. In 30th International Colloquium on Structural Information and Communication Complexity (Vol. 13892, pp. 199–245). Alcalá de Henares, Spain: Springer Nature. https://doi.org/10.1007/978-3-031-32733-9_10","ieee":"Z. Avarikioti, A. Desjardins, E. Kokoris Kogias, and R. Wattenhofer, “Divide & Scale: Formalization and roadmap to robust sharding,” in 30th International Colloquium on Structural Information and Communication Complexity, Alcalá de Henares, Spain, 2023, vol. 13892, pp. 199–245.","ama":"Avarikioti Z, Desjardins A, Kokoris Kogias E, Wattenhofer R. Divide & Scale: Formalization and roadmap to robust sharding. In: 30th International Colloquium on Structural Information and Communication Complexity. Vol 13892. Springer Nature; 2023:199-245. doi:10.1007/978-3-031-32733-9_10"},"date_published":"2023-06-01T00:00:00Z","scopus_import":"1","day":"01","article_processing_charge":"No","status":"public","title":"Divide & Scale: Formalization and roadmap to robust sharding","intvolume":" 13892","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","_id":"14744","oa_version":"None","alternative_title":["LNCS"],"type":"conference","abstract":[{"lang":"eng","text":"Sharding distributed ledgers is a promising on-chain solution for scaling blockchains but lacks formal grounds, nurturing skepticism on whether such complex systems can scale blockchains securely. We fill this gap by introducing the first formal framework as well as a roadmap to robust sharding. In particular, we first define the properties sharded distributed ledgers should fulfill. We build upon and extend the Bitcoin backbone protocol by defining consistency and scalability. Consistency encompasses the need for atomic execution of cross-shard transactions to preserve safety, whereas scalability encapsulates the speedup a sharded system can gain in comparison to a non-sharded system.\r\nUsing our model, we explore the limitations of sharding. We show that a sharded ledger with n participants cannot scale under a fully adaptive adversary, but it can scale up to m shards where n=c'm log m, under an epoch-adaptive adversary; the constant c' encompasses the trade-off between security and scalability. This is possible only if the sharded ledgers create succinct proofs of the valid state updates at every epoch. We leverage our results to identify the sufficient components for robust sharding, which we incorporate in a protocol abstraction termed Divide & Scale. To demonstrate the power of our framework, we analyze the most prominent sharded blockchains (Elastico, Monoxide, OmniLedger, RapidChain) and pinpoint where they fail to meet the desired properties."}]},{"user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","_id":"14829","intvolume":" 13951","status":"public","title":"Proof of availability and retrieval in a modular blockchain architecture","oa_version":"Submitted Version","type":"conference","alternative_title":["LNCS"],"abstract":[{"lang":"eng","text":"This paper explores a modular design architecture aimed at helping blockchains (and other SMR implementation) to scale to a very large number of processes. This comes in contrast to existing monolithic architectures that interleave transaction dissemination, ordering, and execution in a single functionality. To achieve this we first split the monolith to multiple layers which can use existing distributed computing primitives. The exact specifications of the data dissemination part are formally defined by the Proof of Availability & Retrieval (PoA &R) abstraction. Solutions to the PoA &R problem contain two related sub-protocols: one that “pushes” information into the network and another that “pulls” this information. Regarding the latter, there is a dearth of research literature which is rectified in this paper. We present a family of pulling sub-protocols and rigorously analyze them. Extensive simulations support the theoretical claims of efficiency and robustness in case of a very large number of players. Finally, actual implementation and deployment on a small number of machines (roughly the size of several industrial systems) demonstrates the viability of the architecture’s paradigm."}],"citation":{"ieee":"S. Cohen, G. Goren, E. Kokoris Kogias, A. Sonnino, and A. Spiegelman, “Proof of availability and retrieval in a modular blockchain architecture,” in 27th International Conference on Financial Cryptography and Data Security, Bol, Brac, Croatia, 2023, vol. 13951, pp. 36–53.","apa":"Cohen, S., Goren, G., Kokoris Kogias, E., Sonnino, A., & Spiegelman, A. (2023). Proof of availability and retrieval in a modular blockchain architecture. In 27th International Conference on Financial Cryptography and Data Security (Vol. 13951, pp. 36–53). Bol, Brac, Croatia: Springer Nature. https://doi.org/10.1007/978-3-031-47751-5_3","ista":"Cohen S, Goren G, Kokoris Kogias E, Sonnino A, Spiegelman A. 2023. Proof of availability and retrieval in a modular blockchain architecture. 27th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13951, 36–53.","ama":"Cohen S, Goren G, Kokoris Kogias E, Sonnino A, Spiegelman A. Proof of availability and retrieval in a modular blockchain architecture. In: 27th International Conference on Financial Cryptography and Data Security. Vol 13951. Springer Nature; 2023:36-53. doi:10.1007/978-3-031-47751-5_3","chicago":"Cohen, Shir, Guy Goren, Eleftherios Kokoris Kogias, Alberto Sonnino, and Alexander Spiegelman. “Proof of Availability and Retrieval in a Modular Blockchain Architecture.” In 27th International Conference on Financial Cryptography and Data Security, 13951:36–53. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-47751-5_3.","short":"S. Cohen, G. Goren, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, in:, 27th International Conference on Financial Cryptography and Data Security, Springer Nature, 2023, pp. 36–53.","mla":"Cohen, Shir, et al. “Proof of Availability and Retrieval in a Modular Blockchain Architecture.” 27th International Conference on Financial Cryptography and Data Security, vol. 13951, Springer Nature, 2023, pp. 36–53, doi:10.1007/978-3-031-47751-5_3."},"publication":"27th International Conference on Financial Cryptography and Data Security","page":"36-53","date_published":"2023-12-01T00:00:00Z","scopus_import":"1","article_processing_charge":"No","day":"01","year":"2023","acknowledgement":"This work is partially supported by Meta. Eleftherios Kokoris-Kogias is partially supported by Austrian Science Fund (FWF) grant No: F8512-N. Shir Cohen is supported by the Adams Fellowship Program of the Israel Academy of Sciences and Humanities.","publisher":"Springer Nature","department":[{"_id":"ElKo"}],"publication_status":"published","author":[{"full_name":"Cohen, Shir","first_name":"Shir","last_name":"Cohen"},{"full_name":"Goren, Guy","first_name":"Guy","last_name":"Goren"},{"id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","last_name":"Kokoris Kogias","first_name":"Eleftherios","full_name":"Kokoris Kogias, Eleftherios"},{"first_name":"Alberto","last_name":"Sonnino","full_name":"Sonnino, Alberto"},{"full_name":"Spiegelman, Alexander","last_name":"Spiegelman","first_name":"Alexander"}],"volume":13951,"date_created":"2024-01-18T07:41:12Z","date_updated":"2024-01-22T13:58:07Z","oa":1,"main_file_link":[{"url":"https://fc23.ifca.ai/preproceedings/150.pdf","open_access":"1"}],"project":[{"grant_number":"F8512","_id":"34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f","name":"Secure Network and Hardware for Efficient Blockchains"}],"quality_controlled":"1","doi":"10.1007/978-3-031-47751-5_3","conference":{"name":"FC: Financial Cryptography and Data Security","end_date":"2023-05-05","start_date":"2023-05-01","location":"Bol, Brac, Croatia"},"language":[{"iso":"eng"}],"publication_identifier":{"eissn":["1611-3349"],"isbn":["9783031477508"],"issn":["0302-9743"],"eisbn":["9783031477515"]},"month":"12"},{"month":"03","day":"01","article_processing_charge":"No","publication_identifier":{"isbn":["1891562835"]},"language":[{"iso":"eng"}],"conference":{"location":"San Diego, CA, United States","start_date":"2023-02-27","end_date":"2023-03-03","name":"NDSS: Network and Distributed Systems Security"},"date_published":"2023-03-01T00:00:00Z","doi":"10.14722/ndss.2023.24545","quality_controlled":"1","publication":"Proceedings of the 2023 Network and Distributed System Security Symposium","oa":1,"citation":{"ama":"Malvai H, Kokoris Kogias E, Sonnino A, et al. Parakeet: Practical key transparency for end-to-end eEncrypted messaging. In: Proceedings of the 2023 Network and Distributed System Security Symposium. Internet Society; 2023. doi:10.14722/ndss.2023.24545","apa":"Malvai, H., Kokoris Kogias, E., Sonnino, A., Ghosh, E., Oztürk, E., Lewi, K., & Lawlor, S. (2023). Parakeet: Practical key transparency for end-to-end eEncrypted messaging. In Proceedings of the 2023 Network and Distributed System Security Symposium. San Diego, CA, United States: Internet Society. https://doi.org/10.14722/ndss.2023.24545","ieee":"H. Malvai et al., “Parakeet: Practical key transparency for end-to-end eEncrypted messaging,” in Proceedings of the 2023 Network and Distributed System Security Symposium, San Diego, CA, United States, 2023.","ista":"Malvai H, Kokoris Kogias E, Sonnino A, Ghosh E, Oztürk E, Lewi K, Lawlor S. 2023. Parakeet: Practical key transparency for end-to-end eEncrypted messaging. Proceedings of the 2023 Network and Distributed System Security Symposium. NDSS: Network and Distributed Systems Security.","short":"H. Malvai, E. Kokoris Kogias, A. Sonnino, E. Ghosh, E. Oztürk, K. Lewi, S. Lawlor, in:, Proceedings of the 2023 Network and Distributed System Security Symposium, Internet Society, 2023.","mla":"Malvai, Harjasleen, et al. “Parakeet: Practical Key Transparency for End-to-End EEncrypted Messaging.” Proceedings of the 2023 Network and Distributed System Security Symposium, Internet Society, 2023, doi:10.14722/ndss.2023.24545.","chicago":"Malvai, Harjasleen, Eleftherios Kokoris Kogias, Alberto Sonnino, Esha Ghosh, Ercan Oztürk, Kevin Lewi, and Sean Lawlor. “Parakeet: Practical Key Transparency for End-to-End EEncrypted Messaging.” In Proceedings of the 2023 Network and Distributed System Security Symposium. Internet Society, 2023. https://doi.org/10.14722/ndss.2023.24545."},"main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2023/081"}],"abstract":[{"text":"Encryption alone is not enough for secure end-to end encrypted messaging: a server must also honestly serve public keys to users. Key transparency has been presented as an efficient\r\nsolution for detecting (and hence deterring) a server that attempts to dishonestly serve keys. Key transparency involves two major components: (1) a username to public key mapping, stored and cryptographically committed to by the server, and, (2) an outof-band consistency protocol for serving short commitments to users. In the setting of real-world deployments and supporting production scale, new challenges must be considered for both of these components. We enumerate these challenges and provide solutions to address them. In particular, we design and implement a memory-optimized and privacy-preserving verifiable data structure for committing to the username to public key store.\r\nTo make this implementation viable for production, we also integrate support for persistent and distributed storage. We also propose a future-facing solution, termed “compaction”, as\r\na mechanism for mitigating practical issues that arise from dealing with infinitely growing server data structures. Finally, we implement a consensusless solution that achieves the minimum requirements for a service that consistently distributes commitments for a transparency application, providing a much more efficient protocol for distributing small and consistent\r\ncommitments to users. This culminates in our production-grade implementation of a key transparency system (Parakeet) which we have open-sourced, along with a demonstration of feasibility through our benchmarks.","lang":"eng"}],"type":"conference","date_updated":"2024-02-19T12:11:15Z","date_created":"2024-02-14T14:20:40Z","oa_version":"Published Version","author":[{"first_name":"Harjasleen","last_name":"Malvai","full_name":"Malvai, Harjasleen"},{"first_name":"Eleftherios","last_name":"Kokoris Kogias","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","full_name":"Kokoris Kogias, Eleftherios"},{"first_name":"Alberto","last_name":"Sonnino","full_name":"Sonnino, Alberto"},{"first_name":"Esha","last_name":"Ghosh","full_name":"Ghosh, Esha"},{"full_name":"Oztürk, Ercan","first_name":"Ercan","last_name":"Oztürk"},{"full_name":"Lewi, Kevin","last_name":"Lewi","first_name":"Kevin"},{"full_name":"Lawlor, Sean","first_name":"Sean","last_name":"Lawlor"}],"status":"public","publication_status":"published","title":"Parakeet: Practical key transparency for end-to-end eEncrypted messaging","publisher":"Internet Society","department":[{"_id":"ElKo"}],"_id":"14989","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","year":"2023","acknowledgement":"This work is supported by the Novi team at Meta and funded in part by IC3 industry partners and NSF grant 1943499."},{"quality_controlled":"1","page":"281-297","publication":"Proceedings of the 29th Symposium on Operating Systems Principles","oa":1,"main_file_link":[{"url":"https://doi.org/10.1145/3600006.3613150","open_access":"1"}],"citation":{"mla":"Tennage, Pasindu, et al. “QuePaxa: Escaping the Tyranny of Timeouts in Consensus.” Proceedings of the 29th Symposium on Operating Systems Principles, Association for Computing Machinery, 2023, pp. 281–97, doi:10.1145/3600006.3613150.","short":"P. Tennage, C. Basescu, E. Kokoris Kogias, E. Syta, P. Jovanovic, V. Estrada-Galinanes, B. Ford, in:, Proceedings of the 29th Symposium on Operating Systems Principles, Association for Computing Machinery, 2023, pp. 281–297.","chicago":"Tennage, Pasindu, Cristina Basescu, Eleftherios Kokoris Kogias, Ewa Syta, Philipp Jovanovic, Vero Estrada-Galinanes, and Bryan Ford. “QuePaxa: Escaping the Tyranny of Timeouts in Consensus.” In Proceedings of the 29th Symposium on Operating Systems Principles, 281–97. Association for Computing Machinery, 2023. https://doi.org/10.1145/3600006.3613150.","ama":"Tennage P, Basescu C, Kokoris Kogias E, et al. QuePaxa: Escaping the tyranny of timeouts in consensus. In: Proceedings of the 29th Symposium on Operating Systems Principles. Association for Computing Machinery; 2023:281-297. doi:10.1145/3600006.3613150","ista":"Tennage P, Basescu C, Kokoris Kogias E, Syta E, Jovanovic P, Estrada-Galinanes V, Ford B. 2023. QuePaxa: Escaping the tyranny of timeouts in consensus. Proceedings of the 29th Symposium on Operating Systems Principles. SOSP: Symposium on Operating Systems Principles, 281–297.","apa":"Tennage, P., Basescu, C., Kokoris Kogias, E., Syta, E., Jovanovic, P., Estrada-Galinanes, V., & Ford, B. (2023). QuePaxa: Escaping the tyranny of timeouts in consensus. In Proceedings of the 29th Symposium on Operating Systems Principles (pp. 281–297). Koblenz, Germany: Association for Computing Machinery. https://doi.org/10.1145/3600006.3613150","ieee":"P. Tennage et al., “QuePaxa: Escaping the tyranny of timeouts in consensus,” in Proceedings of the 29th Symposium on Operating Systems Principles, Koblenz, Germany, 2023, pp. 281–297."},"language":[{"iso":"eng"}],"conference":{"end_date":"2023-10-26","start_date":"2023-10-23","location":"Koblenz, Germany","name":"SOSP: Symposium on Operating Systems Principles"},"date_published":"2023-10-01T00:00:00Z","doi":"10.1145/3600006.3613150","scopus_import":"1","day":"01","month":"10","publication_identifier":{"isbn":["9798400702297"]},"article_processing_charge":"No","status":"public","publication_status":"published","title":"QuePaxa: Escaping the tyranny of timeouts in consensus","department":[{"_id":"ElKo"}],"publisher":"Association for Computing Machinery","_id":"14743","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","acknowledgement":"The authors would like to thank Marcos K. Aguilera, Pierluca Borsò, Aleksey Charapko, Rachid Guerraoui, Jovan Komatovic, Derek Leung, Louis-Henri Merino, Shailesh Mishra, Haochen Pan, Rodrigo Rodrigues, Lewis Tseng, and Haoqian Zhang for their helpful feedback on early drafts of this paper.","year":"2023","date_updated":"2024-02-28T12:51:24Z","date_created":"2024-01-08T12:54:35Z","oa_version":"Published Version","author":[{"first_name":"Pasindu","last_name":"Tennage","full_name":"Tennage, Pasindu"},{"first_name":"Cristina","last_name":"Basescu","full_name":"Basescu, Cristina"},{"id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","first_name":"Eleftherios","last_name":"Kokoris Kogias","full_name":"Kokoris Kogias, Eleftherios"},{"last_name":"Syta","first_name":"Ewa","full_name":"Syta, Ewa"},{"last_name":"Jovanovic","first_name":"Philipp","full_name":"Jovanovic, Philipp"},{"full_name":"Estrada-Galinanes, Vero","last_name":"Estrada-Galinanes","first_name":"Vero"},{"last_name":"Ford","first_name":"Bryan","full_name":"Ford, Bryan"}],"type":"conference","abstract":[{"lang":"eng","text":"Leader-based consensus algorithms are fast and efficient under normal conditions, but lack robustness to adverse conditions due to their reliance on timeouts for liveness. We present QuePaxa, the first protocol offering state-of-the-art normal-case efficiency without depending on timeouts. QuePaxa uses a novel randomized asynchronous consensus core to tolerate adverse conditions such as denial-of-service (DoS) attacks, while a one-round-trip fast path preserves the normal-case efficiency of Multi-Paxos or Raft. By allowing simultaneous proposers without destructive interference, and using short hedging delays instead of conservative timeouts to limit redundant effort, QuePaxa permits rapid recovery after leader failure without risking costly view changes due to false timeouts. By treating leader choice and hedging delay as a multi-armed-bandit optimization, QuePaxa achieves responsiveness to prevalent conditions, and can choose the best leader even if the current one has not failed. Experiments with a prototype confirm that QuePaxa achieves normal-case LAN and WAN performance of 584k and 250k cmd/sec in throughput, respectively, comparable to Multi-Paxos. Under conditions such as DoS attacks, misconfigurations, or slow leaders that severely impact existing protocols, we find that QuePaxa remains live with median latency under 380ms in WAN experiments."}]},{"publisher":"Association for Computing Machinery","department":[{"_id":"ElKo"}],"publication_status":"published","title":"Bullshark: DAG BFT protocols made practical","status":"public","_id":"12229","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","year":"2022","oa_version":"Preprint","date_updated":"2023-01-27T10:33:17Z","date_created":"2023-01-16T09:49:48Z","author":[{"full_name":"Spiegelman, Alexander","last_name":"Spiegelman","first_name":"Alexander"},{"full_name":"Giridharan, Neil","last_name":"Giridharan","first_name":"Neil"},{"full_name":"Sonnino, Alberto","last_name":"Sonnino","first_name":"Alberto"},{"full_name":"Kokoris Kogias, Eleftherios","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","last_name":"Kokoris Kogias","first_name":"Eleftherios"}],"type":"conference","abstract":[{"lang":"eng","text":"We present Bullshark, the first directed acyclic graph (DAG) based asynchronous Byzantine Atomic Broadcast protocol that is optimized for the common synchronous case. Like previous DAG-based BFT protocols [19, 25], Bullshark requires no extra communication to achieve consensus on top of building the DAG. That is, parties can totally order the vertices of the DAG by interpreting their local view of the DAG edges. Unlike other asynchronous DAG-based protocols, Bullshark provides a practical low latency fast-path that exploits synchronous periods and deprecates the need for notoriously complex view-change and view-synchronization mechanisms. Bullshark achieves this while maintaining all the desired properties of its predecessor DAG-Rider [25]. Namely, it has optimal amortized communication complexity, it provides fairness and asynchronous liveness, and safety is guaranteed even under a quantum adversary.\r\n\r\nIn order to show the practicality and simplicity of our approach, we also introduce a standalone partially synchronous version of Bullshark, which we evaluate against the state of the art. The implemented protocol is embarrassingly simple (200 LOC on top of an existing DAG-based mempool implementation). It is highly efficient, achieving for example, 125,000 transactions per second with a 2 seconds latency for a deployment of 50 parties. In the same setting, the state of the art pays a steep 50% latency increase as it optimizes for asynchrony."}],"page":"2705–2718","quality_controlled":"1","external_id":{"arxiv":["2201.05677"]},"oa":1,"main_file_link":[{"url":"https://doi.org/10.48550/arXiv.2201.05677","open_access":"1"}],"citation":{"ieee":"A. Spiegelman, N. Giridharan, A. Sonnino, and E. Kokoris Kogias, “Bullshark: DAG BFT protocols made practical,” in Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Los Angeles, CA, United States, 2022, pp. 2705–2718.","apa":"Spiegelman, A., Giridharan, N., Sonnino, A., & Kokoris Kogias, E. (2022). Bullshark: DAG BFT protocols made practical. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (pp. 2705–2718). Los Angeles, CA, United States: Association for Computing Machinery. https://doi.org/10.1145/3548606.3559361","ista":"Spiegelman A, Giridharan N, Sonnino A, Kokoris Kogias E. 2022. Bullshark: DAG BFT protocols made practical. Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. CCS: CConference on Computer and Communications Security, 2705–2718.","ama":"Spiegelman A, Giridharan N, Sonnino A, Kokoris Kogias E. Bullshark: DAG BFT protocols made practical. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery; 2022:2705–2718. doi:10.1145/3548606.3559361","chicago":"Spiegelman, Alexander, Neil Giridharan, Alberto Sonnino, and Eleftherios Kokoris Kogias. “Bullshark: DAG BFT Protocols Made Practical.” In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2705–2718. Association for Computing Machinery, 2022. https://doi.org/10.1145/3548606.3559361.","short":"A. Spiegelman, N. Giridharan, A. Sonnino, E. Kokoris Kogias, in:, Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Association for Computing Machinery, 2022, pp. 2705–2718.","mla":"Spiegelman, Alexander, et al. “Bullshark: DAG BFT Protocols Made Practical.” Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Association for Computing Machinery, 2022, pp. 2705–2718, doi:10.1145/3548606.3559361."},"publication":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","language":[{"iso":"eng"}],"doi":"10.1145/3548606.3559361","date_published":"2022-11-01T00:00:00Z","conference":{"name":"CCS: CConference on Computer and Communications Security","end_date":"2022-11-11","location":"Los Angeles, CA, United States","start_date":"2022-11-07"},"scopus_import":"1","article_processing_charge":"No","publication_identifier":{"isbn":["9781450394505"]},"day":"01","month":"11"},{"scopus_import":"1","day":"27","month":"07","publication_identifier":{"eisbn":["9781665413169"],"eissn":["2375-1207"]},"article_processing_charge":"No","quality_controlled":"1","page":"2518-2534","publication":"2022 IEEE Symposium on Security and Privacy","main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2021/1591"}],"citation":{"chicago":"Das, Sourav, Thomas Yurek, Zhuolun Xiang, Andrew Miller, Eleftherios Kokoris Kogias, and Ling Ren. “Practical Asynchronous Distributed Key Generation.” In 2022 IEEE Symposium on Security and Privacy, 2518–34. Institute of Electrical and Electronics Engineers, 2022. https://doi.org/10.1109/sp46214.2022.9833584.","mla":"Das, Sourav, et al. “Practical Asynchronous Distributed Key Generation.” 2022 IEEE Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers, 2022, pp. 2518–34, doi:10.1109/sp46214.2022.9833584.","short":"S. Das, T. Yurek, Z. Xiang, A. Miller, E. Kokoris Kogias, L. Ren, in:, 2022 IEEE Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers, 2022, pp. 2518–2534.","ista":"Das S, Yurek T, Xiang Z, Miller A, Kokoris Kogias E, Ren L. 2022. Practical asynchronous distributed key generation. 2022 IEEE Symposium on Security and Privacy. SP: Symposium on Security and Privacy, 2518–2534.","ieee":"S. Das, T. Yurek, Z. Xiang, A. Miller, E. Kokoris Kogias, and L. Ren, “Practical asynchronous distributed key generation,” in 2022 IEEE Symposium on Security and Privacy, San Francisco, CA, United States, 2022, pp. 2518–2534.","apa":"Das, S., Yurek, T., Xiang, Z., Miller, A., Kokoris Kogias, E., & Ren, L. (2022). Practical asynchronous distributed key generation. In 2022 IEEE Symposium on Security and Privacy (pp. 2518–2534). San Francisco, CA, United States: Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/sp46214.2022.9833584","ama":"Das S, Yurek T, Xiang Z, Miller A, Kokoris Kogias E, Ren L. Practical asynchronous distributed key generation. In: 2022 IEEE Symposium on Security and Privacy. Institute of Electrical and Electronics Engineers; 2022:2518-2534. doi:10.1109/sp46214.2022.9833584"},"oa":1,"language":[{"iso":"eng"}],"conference":{"end_date":"2022-05-26","location":"San Francisco, CA, United States","start_date":"2022-05-23","name":"SP: Symposium on Security and Privacy"},"doi":"10.1109/sp46214.2022.9833584","date_published":"2022-07-27T00:00:00Z","type":"conference","abstract":[{"text":"Distributed Key Generation (DKG) is a technique to bootstrap threshold cryptosystems without a trusted third party and is a building block to decentralized protocols such as randomness beacons, threshold signatures, and general multiparty computation. Until recently, DKG protocols have assumed the synchronous model and thus are vulnerable when their underlying network assumptions do not hold. The recent advancements in asynchronous DKG protocols are insufficient as they either have poor efficiency or limited functionality, resulting in a lack of concrete implementations. In this paper, we present a simple and concretely efficient asynchronous DKG (ADKG) protocol. In a network of n nodes, our ADKG protocol can tolerate up to tProceedings of the 17th European Conference on Computer Systems. Association for Computing Machinery; 2022:34-50. doi:10.1145/3492321.3519594","ieee":"G. Danezis, E. Kokoris Kogias, A. Sonnino, and A. Spiegelman, “Narwhal and Tusk: A DAG-based mempool and efficient BFT consensus,” in Proceedings of the 17th European Conference on Computer Systems, Rennes, France, 2022, pp. 34–50.","apa":"Danezis, G., Kokoris Kogias, E., Sonnino, A., & Spiegelman, A. (2022). Narwhal and Tusk: A DAG-based mempool and efficient BFT consensus. In Proceedings of the 17th European Conference on Computer Systems (pp. 34–50). Rennes, France: Association for Computing Machinery. https://doi.org/10.1145/3492321.3519594","ista":"Danezis G, Kokoris Kogias E, Sonnino A, Spiegelman A. 2022. Narwhal and Tusk: A DAG-based mempool and efficient BFT consensus. Proceedings of the 17th European Conference on Computer Systems. EuroSys: European Conference on Computer Systems, 34–50.","short":"G. Danezis, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, in:, Proceedings of the 17th European Conference on Computer Systems, Association for Computing Machinery, 2022, pp. 34–50.","mla":"Danezis, George, et al. “Narwhal and Tusk: A DAG-Based Mempool and Efficient BFT Consensus.” Proceedings of the 17th European Conference on Computer Systems, Association for Computing Machinery, 2022, pp. 34–50, doi:10.1145/3492321.3519594.","chicago":"Danezis, George, Eleftherios Kokoris Kogias, Alberto Sonnino, and Alexander Spiegelman. “Narwhal and Tusk: A DAG-Based Mempool and Efficient BFT Consensus.” In Proceedings of the 17th European Conference on Computer Systems, 34–50. Association for Computing Machinery, 2022. https://doi.org/10.1145/3492321.3519594."},"publication":"Proceedings of the 17th European Conference on Computer Systems","page":"34-50","date_published":"2022-03-28T00:00:00Z"},{"user_id":"4359f0d1-fa6c-11eb-b949-802e58b17ae8","_id":"12160","intvolume":" 2022","title":"Hierarchical consensus: A horizontal scaling framework for blockchains","status":"public","oa_version":"None","type":"conference","abstract":[{"text":"We present the Filecoin Hierarchical Consensus framework, which aims to overcome the throughput challenges of blockchain consensus by horizontally scaling the network. Unlike traditional sharding designs, based on partitioning the state of the network, our solution centers on the concept of subnets -which are organized hierarchically- and can be spawned on-demand to manage new state. Child sub nets are firewalled from parent subnets, have their own specific policies, and run a different consensus algorithm, increasing the network capacity and enabling new applications. Moreover, they benefit from the security of parent subnets by periodically checkpointing state. In this paper, we introduce the overall system architecture, our detailed designs for cross-net transaction handling, and the open questions that we are still exploring.","lang":"eng"}],"citation":{"ama":"De la Rocha A, Kokoris Kogias E, Soares JM, Vukolic M. Hierarchical consensus: A horizontal scaling framework for blockchains. In: 42nd International Conference on Distributed Computing Systems Workshops. Vol 2022. Institute of Electrical and Electronics Engineers; 2022:45-52. doi:10.1109/icdcsw56584.2022.00018","ista":"De la Rocha A, Kokoris Kogias E, Soares JM, Vukolic M. 2022. Hierarchical consensus: A horizontal scaling framework for blockchains. 42nd International Conference on Distributed Computing Systems Workshops. ICDCSW: International Conference on Distributed Computing Systems Workshop vol. 2022, 45–52.","ieee":"A. De la Rocha, E. Kokoris Kogias, J. M. Soares, and M. Vukolic, “Hierarchical consensus: A horizontal scaling framework for blockchains,” in 42nd International Conference on Distributed Computing Systems Workshops, Bologna, Italy, 2022, vol. 2022, pp. 45–52.","apa":"De la Rocha, A., Kokoris Kogias, E., Soares, J. M., & Vukolic, M. (2022). Hierarchical consensus: A horizontal scaling framework for blockchains. In 42nd International Conference on Distributed Computing Systems Workshops (Vol. 2022, pp. 45–52). Bologna, Italy: Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/icdcsw56584.2022.00018","mla":"De la Rocha, Alfonso, et al. “Hierarchical Consensus: A Horizontal Scaling Framework for Blockchains.” 42nd International Conference on Distributed Computing Systems Workshops, vol. 2022, Institute of Electrical and Electronics Engineers, 2022, pp. 45–52, doi:10.1109/icdcsw56584.2022.00018.","short":"A. De la Rocha, E. Kokoris Kogias, J.M. Soares, M. Vukolic, in:, 42nd International Conference on Distributed Computing Systems Workshops, Institute of Electrical and Electronics Engineers, 2022, pp. 45–52.","chicago":"De la Rocha, Alfonso, Eleftherios Kokoris Kogias, Jorge M. Soares, and Marko Vukolic. “Hierarchical Consensus: A Horizontal Scaling Framework for Blockchains.” In 42nd International Conference on Distributed Computing Systems Workshops, 2022:45–52. Institute of Electrical and Electronics Engineers, 2022. https://doi.org/10.1109/icdcsw56584.2022.00018."},"publication":"42nd International Conference on Distributed Computing Systems Workshops","page":"45-52","date_published":"2022-11-29T00:00:00Z","scopus_import":"1","article_processing_charge":"No","day":"29","year":"2022","publisher":"Institute of Electrical and Electronics Engineers","department":[{"_id":"ElKo"}],"publication_status":"published","author":[{"full_name":"De la Rocha, Alfonso","first_name":"Alfonso","last_name":"De la Rocha"},{"full_name":"Kokoris Kogias, Eleftherios","first_name":"Eleftherios","last_name":"Kokoris Kogias","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30"},{"full_name":"Soares, Jorge M.","first_name":"Jorge M.","last_name":"Soares"},{"first_name":"Marko","last_name":"Vukolic","full_name":"Vukolic, Marko"}],"volume":2022,"date_created":"2023-01-12T12:09:28Z","date_updated":"2023-08-04T09:06:02Z","external_id":{"isi":["000895984800009"]},"quality_controlled":"1","isi":1,"doi":"10.1109/icdcsw56584.2022.00018","conference":{"end_date":"2022-07-10","location":"Bologna, Italy","start_date":"2022-07-10","name":"ICDCSW: International Conference on Distributed Computing Systems Workshop"},"language":[{"iso":"eng"}],"publication_identifier":{"eissn":["2332-5666"],"eisbn":["9781665488792"]},"month":"11"},{"month":"10","publication_identifier":{"issn":["0302-9743"],"eisbn":["9783031182839"],"isbn":["9783031182822"],"eissn":["1611-3349"]},"quality_controlled":"1","external_id":{"arxiv":["2106.10362"]},"oa":1,"main_file_link":[{"url":" https://doi.org/10.48550/arXiv.2106.10362","open_access":"1"}],"language":[{"iso":"eng"}],"conference":{"start_date":"2022-05-02","location":"Radisson Grenada Beach Resort, Grenada","end_date":"2022-05-06","name":"FC: Financial Cryptography"},"doi":"10.1007/978-3-031-18283-9_14","publication_status":"published","department":[{"_id":"ElKo"}],"publisher":"Springer Nature","acknowledgement":"We thank our shepherd Aniket Kate and the anonymous reviewers at FC 2022 for their helpful feedback. This work is supported by the Novi team at Facebook. We also thank the Novi Research and Engineering teams for valuable feedback, and in particular Mathieu Baudet, Andrey Chursin, George Danezis, Zekun Li, and Dahlia Malkhi for discussions that shaped this work.","year":"2022","date_updated":"2023-09-05T15:13:17Z","date_created":"2023-01-16T10:05:51Z","volume":13411,"author":[{"full_name":"Gelashvili, Rati","first_name":"Rati","last_name":"Gelashvili"},{"full_name":"Kokoris Kogias, Eleftherios","first_name":"Eleftherios","last_name":"Kokoris Kogias","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30"},{"full_name":"Sonnino, Alberto","first_name":"Alberto","last_name":"Sonnino"},{"full_name":"Spiegelman, Alexander","last_name":"Spiegelman","first_name":"Alexander"},{"last_name":"Xiang","first_name":"Zhuolun","full_name":"Xiang, Zhuolun"}],"scopus_import":"1","day":"22","article_processing_charge":"No","page":"296-315","publication":"Financial Cryptography and Data Security","citation":{"chicago":"Gelashvili, Rati, Eleftherios Kokoris Kogias, Alberto Sonnino, Alexander Spiegelman, and Zhuolun Xiang. “Jolteon and Ditto: Network-Adaptive Efficient Consensus with Asynchronous Fallback.” In Financial Cryptography and Data Security, 13411:296–315. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-18283-9_14.","mla":"Gelashvili, Rati, et al. “Jolteon and Ditto: Network-Adaptive Efficient Consensus with Asynchronous Fallback.” Financial Cryptography and Data Security, vol. 13411, Springer Nature, 2022, pp. 296–315, doi:10.1007/978-3-031-18283-9_14.","short":"R. Gelashvili, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, Z. Xiang, in:, Financial Cryptography and Data Security, Springer Nature, 2022, pp. 296–315.","ista":"Gelashvili R, Kokoris Kogias E, Sonnino A, Spiegelman A, Xiang Z. 2022. Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback. Financial Cryptography and Data Security. FC: Financial Cryptography, LNCS, vol. 13411, 296–315.","ieee":"R. Gelashvili, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, and Z. Xiang, “Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback,” in Financial Cryptography and Data Security, Radisson Grenada Beach Resort, Grenada, 2022, vol. 13411, pp. 296–315.","apa":"Gelashvili, R., Kokoris Kogias, E., Sonnino, A., Spiegelman, A., & Xiang, Z. (2022). Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback. In Financial Cryptography and Data Security (Vol. 13411, pp. 296–315). Radisson Grenada Beach Resort, Grenada: Springer Nature. https://doi.org/10.1007/978-3-031-18283-9_14","ama":"Gelashvili R, Kokoris Kogias E, Sonnino A, Spiegelman A, Xiang Z. Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback. In: Financial Cryptography and Data Security. Vol 13411. Springer Nature; 2022:296-315. doi:10.1007/978-3-031-18283-9_14"},"date_published":"2022-10-22T00:00:00Z","alternative_title":["LNCS"],"type":"conference","abstract":[{"lang":"eng","text":"Existing committee-based Byzantine state machine replication (SMR) protocols, typically deployed in production blockchains, face a clear trade-off: (1) they either achieve linear communication cost in the steady state, but sacrifice liveness during periods of asynchrony, or (2) they are robust (progress with probability one) but pay quadratic communication cost. We believe this trade-off is unwarranted since existing linear protocols still have asymptotic quadratic cost in the worst case. We design Ditto, a Byzantine SMR protocol that enjoys the best of both worlds: optimal communication on and off the steady state (linear and quadratic, respectively) and progress guarantee under asynchrony and DDoS attacks. We achieve this by replacing the view-synchronization of partially synchronous protocols with an asynchronous fallback mechanism at no extra asymptotic cost. Specifically, we start from HotStuff, a state-of-the-art linear protocol, and gradually build Ditto. As a separate contribution and an intermediate step, we design a 2-chain version of HotStuff, Jolteon, which leverages a quadratic view-change mechanism to reduce the latency of the standard 3-chain HotStuff. We implement and experimentally evaluate all our systems to prove that breaking the robustness-efficiency trade-off is in the realm of practicality."}],"status":"public","title":"Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback","intvolume":" 13411","user_id":"c635000d-4b10-11ee-a964-aac5a93f6ac1","_id":"12298","oa_version":"Preprint"},{"_id":"12168","user_id":"c635000d-4b10-11ee-a964-aac5a93f6ac1","status":"public","title":"Be aware of your leaders","intvolume":" 13411","oa_version":"Preprint","type":"conference","alternative_title":["LNCS"],"abstract":[{"text":"Advances in blockchains have influenced the State-Machine-Replication (SMR) world and many state-of-the-art blockchain-SMR solutions are based on two pillars: Chaining and Leader-rotation. A predetermined round-robin mechanism used for Leader-rotation, however, has an undesirable behavior: crashed parties become designated leaders infinitely often, slowing down overall system performance. In this paper, we provide a new Leader-Aware SMR framework that, among other desirable properties, formalizes a Leader-utilization requirement that bounds the number of rounds whose leaders are faulty in crash-only executions.\r\nWe introduce Carousel, a novel, reputation-based Leader-rotation solution to achieve Leader-Aware SMR. The challenge in adaptive Leader-rotation is that it cannot rely on consensus to determine a leader, since consensus itself needs a leader. Carousel uses the available on-chain information to determine a leader locally and achieves Liveness despite this difficulty. A HotStuff implementation fitted with Carousel demonstrates drastic performance improvements: it increases throughput over 2x in faultless settings and provided a 20x throughput increase and 5x latency reduction in the presence of faults.","lang":"eng"}],"publication":"International Conference on Financial Cryptography and Data Security","citation":{"ista":"Cohen S, Gelashvili R, Kokoris Kogias E, Li Z, Malkhi D, Sonnino A, Spiegelman A. 2022. Be aware of your leaders. International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13411, 279–295.","ieee":"S. Cohen et al., “Be aware of your leaders,” in International Conference on Financial Cryptography and Data Security, Grenada, 2022, vol. 13411, pp. 279–295.","apa":"Cohen, S., Gelashvili, R., Kokoris Kogias, E., Li, Z., Malkhi, D., Sonnino, A., & Spiegelman, A. (2022). Be aware of your leaders. In International Conference on Financial Cryptography and Data Security (Vol. 13411, pp. 279–295). Grenada: Springer Nature. https://doi.org/10.1007/978-3-031-18283-9_13","ama":"Cohen S, Gelashvili R, Kokoris Kogias E, et al. Be aware of your leaders. In: International Conference on Financial Cryptography and Data Security. Vol 13411. Springer Nature; 2022:279-295. doi:10.1007/978-3-031-18283-9_13","chicago":"Cohen, Shir, Rati Gelashvili, Eleftherios Kokoris Kogias, Zekun Li, Dahlia Malkhi, Alberto Sonnino, and Alexander Spiegelman. “Be Aware of Your Leaders.” In International Conference on Financial Cryptography and Data Security, 13411:279–95. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-18283-9_13.","mla":"Cohen, Shir, et al. “Be Aware of Your Leaders.” International Conference on Financial Cryptography and Data Security, vol. 13411, Springer Nature, 2022, pp. 279–95, doi:10.1007/978-3-031-18283-9_13.","short":"S. Cohen, R. Gelashvili, E. Kokoris Kogias, Z. Li, D. Malkhi, A. Sonnino, A. Spiegelman, in:, International Conference on Financial Cryptography and Data Security, Springer Nature, 2022, pp. 279–295."},"page":"279-295","date_published":"2022-10-22T00:00:00Z","scopus_import":"1","day":"22","article_processing_charge":"No","year":"2022","publication_status":"published","publisher":"Springer Nature","department":[{"_id":"ElKo"}],"author":[{"full_name":"Cohen, Shir","last_name":"Cohen","first_name":"Shir"},{"last_name":"Gelashvili","first_name":"Rati","full_name":"Gelashvili, Rati"},{"full_name":"Kokoris Kogias, Eleftherios","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","last_name":"Kokoris Kogias","first_name":"Eleftherios"},{"last_name":"Li","first_name":"Zekun","full_name":"Li, Zekun"},{"last_name":"Malkhi","first_name":"Dahlia","full_name":"Malkhi, Dahlia"},{"last_name":"Sonnino","first_name":"Alberto","full_name":"Sonnino, Alberto"},{"full_name":"Spiegelman, Alexander","first_name":"Alexander","last_name":"Spiegelman"}],"date_created":"2023-01-12T12:10:49Z","date_updated":"2023-09-05T15:11:35Z","volume":13411,"oa":1,"external_id":{"arxiv":["2110.00960"]},"main_file_link":[{"url":"https://doi.org/10.48550/arXiv.2110.00960","open_access":"1"}],"quality_controlled":"1","conference":{"end_date":"2022-05-06","start_date":"2022-05-02","location":"Grenada","name":"FC: Financial Cryptography and Data Security"},"doi":"10.1007/978-3-031-18283-9_13","language":[{"iso":"eng"}],"month":"10","publication_identifier":{"issn":["0302-9743"],"eisbn":["9783031182839"],"isbn":["9783031182822"],"eissn":["1611-3349"]}},{"day":"17","article_processing_charge":"No","scopus_import":"1","date_published":"2021-09-17T00:00:00Z","page":"431-450","publication":"FC 2021 Workshops","citation":{"ama":"Blackshear S, Chalkias K, Chatzigiannis P, et al. Reactive key-loss protection in blockchains. In: FC 2021 Workshops. Vol 12676. Springer Nature; 2021:431-450. doi:10.1007/978-3-662-63958-0_34","ista":"Blackshear S, Chalkias K, Chatzigiannis P, Faizullabhoy R, Khaburzaniya I, Kokoris Kogias E, Lind J, Wong D, Zakian T. 2021. Reactive key-loss protection in blockchains. FC 2021 Workshops. FC: International Conference on Financial Cryptography and Data Security, LNCS, vol. 12676, 431–450.","ieee":"S. Blackshear et al., “Reactive key-loss protection in blockchains,” in FC 2021 Workshops, Virtual, 2021, vol. 12676, pp. 431–450.","apa":"Blackshear, S., Chalkias, K., Chatzigiannis, P., Faizullabhoy, R., Khaburzaniya, I., Kokoris Kogias, E., … Zakian, T. (2021). Reactive key-loss protection in blockchains. In FC 2021 Workshops (Vol. 12676, pp. 431–450). Virtual: Springer Nature. https://doi.org/10.1007/978-3-662-63958-0_34","mla":"Blackshear, Sam, et al. “Reactive Key-Loss Protection in Blockchains.” FC 2021 Workshops, vol. 12676, Springer Nature, 2021, pp. 431–50, doi:10.1007/978-3-662-63958-0_34.","short":"S. Blackshear, K. Chalkias, P. Chatzigiannis, R. Faizullabhoy, I. Khaburzaniya, E. Kokoris Kogias, J. Lind, D. Wong, T. Zakian, in:, FC 2021 Workshops, Springer Nature, 2021, pp. 431–450.","chicago":"Blackshear, Sam, Konstantinos Chalkias, Panagiotis Chatzigiannis, Riyaz Faizullabhoy, Irakliy Khaburzaniya, Eleftherios Kokoris Kogias, Joshua Lind, David Wong, and Tim Zakian. “Reactive Key-Loss Protection in Blockchains.” In FC 2021 Workshops, 12676:431–50. Springer Nature, 2021. https://doi.org/10.1007/978-3-662-63958-0_34."},"abstract":[{"lang":"eng","text":"We present a novel approach for blockchain asset owners to reclaim their funds in case of accidental private-key loss or transfer to a mistyped address. Our solution can be deployed upon failure or absence of proactively implemented backup mechanisms, such as secret sharing and cold storage. The main advantages against previous proposals is it does not require any prior action from users and works with both single-key and multi-sig accounts. We achieve this by a 3-phase Commit()→Reveal()→Claim()−or−Challenge() smart contract that enables accessing funds of addresses for which the spending key is not available. We provide an analysis of the threat and incentive models and formalize the concept of reactive KEy-Loss Protection (KELP)."}],"alternative_title":["LNCS"],"type":"conference","oa_version":"Preprint","status":"public","title":"Reactive key-loss protection in blockchains","user_id":"4359f0d1-fa6c-11eb-b949-802e58b17ae8","_id":"10076","month":"09","publication_identifier":{"eissn":["1611-3349"],"isbn":["978-3-6626-3957-3"],"eisbn":["978-3-662-63958-0"],"issn":["0302-9743"]},"language":[{"iso":"eng"}],"conference":{"end_date":"2021-03-05","start_date":"2021-03-01","location":"Virtual","name":"FC: International Conference on Financial Cryptography and Data Security"},"doi":"10.1007/978-3-662-63958-0_34","isi":1,"quality_controlled":"1","main_file_link":[{"open_access":"1","url":"https://research.fb.com/publications/reactive-key-loss-protection-in-blockchains/"}],"oa":1,"external_id":{"isi":["000713005000034"]},"date_created":"2021-10-03T22:01:24Z","date_updated":"2023-08-14T07:06:16Z","volume":"12676 ","author":[{"first_name":"Sam","last_name":"Blackshear","full_name":"Blackshear, Sam"},{"first_name":"Konstantinos","last_name":"Chalkias","full_name":"Chalkias, Konstantinos"},{"full_name":"Chatzigiannis, Panagiotis","last_name":"Chatzigiannis","first_name":"Panagiotis"},{"last_name":"Faizullabhoy","first_name":"Riyaz","full_name":"Faizullabhoy, Riyaz"},{"full_name":"Khaburzaniya, Irakliy","last_name":"Khaburzaniya","first_name":"Irakliy"},{"id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","last_name":"Kokoris Kogias","first_name":"Eleftherios","full_name":"Kokoris Kogias, Eleftherios"},{"full_name":"Lind, Joshua","last_name":"Lind","first_name":"Joshua"},{"last_name":"Wong","first_name":"David","full_name":"Wong, David"},{"first_name":"Tim","last_name":"Zakian","full_name":"Zakian, Tim"}],"publication_status":"published","publisher":"Springer Nature","department":[{"_id":"ElKo"}],"year":"2021","acknowledgement":"The authors would like to thank all anonymous reviewers of FC21 WTSC workshop for comments and suggestions that greatly improved the quality of this paper."},{"type":"conference","alternative_title":["LNCS"],"abstract":[{"lang":"eng","text":"Since the inception of Bitcoin, a plethora of distributed ledgers differing in design and purpose has been created. While by design, blockchains provide no means to securely communicate with external systems, numerous attempts towards trustless cross-chain communication have been proposed over the years. Today, cross-chain communication (CCC) plays a fundamental role in cryptocurrency exchanges, scalability efforts via sharding, extension of existing systems through sidechains, and bootstrapping of new blockchains. Unfortunately, existing proposals are designed ad-hoc for specific use-cases, making it hard to gain confidence in their correctness and composability. We provide the first systematic exposition of cross-chain communication protocols. We formalize the underlying research problem and show that CCC is impossible without a trusted third party, contrary to common beliefs in the blockchain community. With this result in mind, we develop a framework to design new and evaluate existing CCC protocols, focusing on the inherent trust assumptions thereof, and derive a classification covering the field of cross-chain communication to date. We conclude by discussing open challenges for CCC research and the implications of interoperability on the security and privacy of blockchains."}],"user_id":"4359f0d1-fa6c-11eb-b949-802e58b17ae8","_id":"10325","status":"public","title":"SoK: Communication across distributed ledgers","oa_version":"Preprint","scopus_import":"1","day":"23","article_processing_charge":"No","publication":"25th International Conference on Financial Cryptography and Data Security","citation":{"chicago":"Zamyatin, Alexei, Mustafa Al-Bassam, Dionysis Zindros, Eleftherios Kokoris Kogias, Pedro Moreno-Sanchez, Aggelos Kiayias, and William J. Knottenbelt. “SoK: Communication across Distributed Ledgers.” In 25th International Conference on Financial Cryptography and Data Security, 12675:3–36. Springer Nature, 2021. https://doi.org/10.1007/978-3-662-64331-0_1.","mla":"Zamyatin, Alexei, et al. “SoK: Communication across Distributed Ledgers.” 25th International Conference on Financial Cryptography and Data Security, vol. 12675, Springer Nature, 2021, pp. 3–36, doi:10.1007/978-3-662-64331-0_1.","short":"A. Zamyatin, M. Al-Bassam, D. Zindros, E. Kokoris Kogias, P. Moreno-Sanchez, A. Kiayias, W.J. Knottenbelt, in:, 25th International Conference on Financial Cryptography and Data Security, Springer Nature, 2021, pp. 3–36.","ista":"Zamyatin A, Al-Bassam M, Zindros D, Kokoris Kogias E, Moreno-Sanchez P, Kiayias A, Knottenbelt WJ. 2021. SoK: Communication across distributed ledgers. 25th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography, LNCS, vol. 12675, 3–36.","apa":"Zamyatin, A., Al-Bassam, M., Zindros, D., Kokoris Kogias, E., Moreno-Sanchez, P., Kiayias, A., & Knottenbelt, W. J. (2021). SoK: Communication across distributed ledgers. In 25th International Conference on Financial Cryptography and Data Security (Vol. 12675, pp. 3–36). Virtual: Springer Nature. https://doi.org/10.1007/978-3-662-64331-0_1","ieee":"A. Zamyatin et al., “SoK: Communication across distributed ledgers,” in 25th International Conference on Financial Cryptography and Data Security, Virtual, 2021, vol. 12675, pp. 3–36.","ama":"Zamyatin A, Al-Bassam M, Zindros D, et al. SoK: Communication across distributed ledgers. In: 25th International Conference on Financial Cryptography and Data Security. Vol 12675. Springer Nature; 2021:3-36. doi:10.1007/978-3-662-64331-0_1"},"page":"3-36","date_published":"2021-10-23T00:00:00Z","acknowledgement":"We would like express our gratitude to Georgia Avarikioti, Daniel Perez and Dominik Harz for helpful comments and feedback on earlier versions of this manuscript. We also thank Nicholas Stifter, Aljosha Judmayer, Philipp Schindler, Edgar Weippl, and Alistair Stewart for insightful discussions during the early stages of this research. We also wish to thank the anonymous reviewers for their valuable comments that helped improve the presentation of our results. This research was funded by Bridge 1 858561 SESC; Bridge 1 864738 PR4DLT (all FFG); the Christian Doppler Laboratory for Security and Quality Improvement in the Production System Lifecycle (CDL-SQI); the competence center SBA-K1 funded by COMET; Chaincode Labs through the project SLN: Scalability for the Lightning Network; and by the Austrian Science Fund (FWF) through the Meitner program (project M-2608). Mustafa Al-Bassam is funded by a scholarship from the Alan Turing Institute. Alexei Zamyatin conducted the early stages of this work during his time at SBA Research, and was supported by a Binance Research Fellowship.","year":"2021","publication_status":"published","publisher":"Springer Nature","department":[{"_id":"ElKo"}],"author":[{"last_name":"Zamyatin","first_name":"Alexei","full_name":"Zamyatin, Alexei"},{"last_name":"Al-Bassam","first_name":"Mustafa","full_name":"Al-Bassam, Mustafa"},{"full_name":"Zindros, Dionysis","first_name":"Dionysis","last_name":"Zindros"},{"id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","last_name":"Kokoris Kogias","first_name":"Eleftherios","full_name":"Kokoris Kogias, Eleftherios"},{"first_name":"Pedro","last_name":"Moreno-Sanchez","full_name":"Moreno-Sanchez, Pedro"},{"last_name":"Kiayias","first_name":"Aggelos","full_name":"Kiayias, Aggelos"},{"full_name":"Knottenbelt, William J.","first_name":"William J.","last_name":"Knottenbelt"}],"date_updated":"2023-08-14T12:59:26Z","date_created":"2021-11-21T23:01:29Z","volume":"12675 ","month":"10","publication_identifier":{"isbn":["9-783-6626-4330-3"],"eissn":["1611-3349"],"issn":["0302-9743"],"eisbn":["978-3-662-64331-0"]},"oa":1,"external_id":{"isi":["000712016200001"]},"main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2019/1128"}],"isi":1,"quality_controlled":"1","conference":{"name":"FC: Financial Cryptography","start_date":"2021-03-01","location":"Virtual","end_date":"2021-03-05"},"doi":"10.1007/978-3-662-64331-0_1","language":[{"iso":"eng"}]},{"date_updated":"2023-08-14T12:59:58Z","date_created":"2021-11-21T23:01:29Z","volume":"12675 ","author":[{"full_name":"Avarikioti, Zeta","last_name":"Avarikioti","first_name":"Zeta"},{"first_name":"Eleftherios","last_name":"Kokoris Kogias","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","full_name":"Kokoris Kogias, Eleftherios"},{"full_name":"Wattenhofer, Roger","last_name":"Wattenhofer","first_name":"Roger"},{"last_name":"Zindros","first_name":"Dionysis","full_name":"Zindros, Dionysis"}],"publication_status":"published","department":[{"_id":"ElKo"}],"publisher":"Springer Nature","acknowledgement":"We would like to thank Kaoutar Elkhiyaoui for her valuable feedback as well as Jakub Sliwinski for his impactful contribution to this work.","year":"2021","language":[{"iso":"eng"}],"conference":{"end_date":"2021-03-05","start_date":"2021-03-01","location":"Virtual","name":"FC: Financial Cryptography"},"doi":"10.1007/978-3-662-64331-0_11","isi":1,"quality_controlled":"1","main_file_link":[{"open_access":"1","url":"https://arxiv.org/abs/1905.11360"}],"oa":1,"external_id":{"arxiv":["1905.11360"],"isi":["000712016200011"]},"month":"10","publication_identifier":{"eisbn":["978-3-662-64331-0"],"issn":["0302-9743"],"eissn":["1611-3349"],"isbn":["9-783-6626-4330-3"]},"oa_version":"Preprint","status":"public","title":"Brick: Asynchronous incentive-compatible payment channels","_id":"10324","user_id":"4359f0d1-fa6c-11eb-b949-802e58b17ae8","abstract":[{"text":"Off-chain protocols (channels) are a promising solution to the scalability and privacy challenges of blockchain payments. Current proposals, however, require synchrony assumptions to preserve the safety of a channel, leaking to an adversary the exact amount of time needed to control the network for a successful attack. In this paper, we introduce Brick, the first payment channel that remains secure under network asynchrony and concurrently provides correct incentives. The core idea is to incorporate the conflict resolution process within the channel by introducing a rational committee of external parties, called wardens. Hence, if a party wants to close a channel unilaterally, it can only get the committee’s approval for the last valid state. Additionally, Brick provides sub-second latency because it does not employ heavy-weight consensus. Instead, Brick uses consistent broadcast to announce updates and close the channel, a light-weight abstraction that is powerful enough to preserve safety and liveness to any rational parties. We formally define and prove for Brick the properties a payment channel construction should fulfill. We also design incentives for Brick such that honest and rational behavior aligns. Finally, we provide a reference implementation of the smart contracts in Solidity.","lang":"eng"}],"alternative_title":["LNCS"],"type":"conference","date_published":"2021-10-23T00:00:00Z","page":"209-230","publication":"25th International Conference on Financial Cryptography and Data Security","citation":{"chicago":"Avarikioti, Zeta, Eleftherios Kokoris Kogias, Roger Wattenhofer, and Dionysis Zindros. “Brick: Asynchronous Incentive-Compatible Payment Channels.” In 25th International Conference on Financial Cryptography and Data Security, 12675:209–30. Springer Nature, 2021. https://doi.org/10.1007/978-3-662-64331-0_11.","short":"Z. Avarikioti, E. Kokoris Kogias, R. Wattenhofer, D. Zindros, in:, 25th International Conference on Financial Cryptography and Data Security, Springer Nature, 2021, pp. 209–230.","mla":"Avarikioti, Zeta, et al. “Brick: Asynchronous Incentive-Compatible Payment Channels.” 25th International Conference on Financial Cryptography and Data Security, vol. 12675, Springer Nature, 2021, pp. 209–30, doi:10.1007/978-3-662-64331-0_11.","apa":"Avarikioti, Z., Kokoris Kogias, E., Wattenhofer, R., & Zindros, D. (2021). Brick: Asynchronous incentive-compatible payment channels. In 25th International Conference on Financial Cryptography and Data Security (Vol. 12675, pp. 209–230). Virtual: Springer Nature. https://doi.org/10.1007/978-3-662-64331-0_11","ieee":"Z. Avarikioti, E. Kokoris Kogias, R. Wattenhofer, and D. Zindros, “Brick: Asynchronous incentive-compatible payment channels,” in 25th International Conference on Financial Cryptography and Data Security, Virtual, 2021, vol. 12675, pp. 209–230.","ista":"Avarikioti Z, Kokoris Kogias E, Wattenhofer R, Zindros D. 2021. Brick: Asynchronous incentive-compatible payment channels. 25th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography, LNCS, vol. 12675, 209–230.","ama":"Avarikioti Z, Kokoris Kogias E, Wattenhofer R, Zindros D. Brick: Asynchronous incentive-compatible payment channels. In: 25th International Conference on Financial Cryptography and Data Security. Vol 12675. Springer Nature; 2021:209-230. doi:10.1007/978-3-662-64331-0_11"},"day":"23","article_processing_charge":"No","scopus_import":"1"},{"language":[{"iso":"eng"}],"doi":"10.1145/3465084.3467905","conference":{"end_date":"2021-07-30","location":"Virtual, Italy","start_date":"2021-07-26","name":"PODC: Principles of Distributed Computing"},"quality_controlled":"1","isi":1,"external_id":{"arxiv":["2102.08325"],"isi":["000744439800016"]},"main_file_link":[{"url":"https://arxiv.org/abs/2102.08325","open_access":"1"}],"oa":1,"publication_identifier":{"isbn":["978-1-4503-8548-0"]},"month":"07","date_created":"2021-12-16T13:21:13Z","date_updated":"2023-08-17T06:24:44Z","author":[{"first_name":"Idit","last_name":"Keidar","full_name":"Keidar, Idit"},{"full_name":"Kokoris Kogias, Eleftherios","last_name":"Kokoris Kogias","first_name":"Eleftherios","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30"},{"full_name":"Naor, Oded","last_name":"Naor","first_name":"Oded"},{"full_name":"Spiegelman, Alexander","last_name":"Spiegelman","first_name":"Alexander"}],"department":[{"_id":"ElKo"}],"publisher":"Association for Computing Machinery","publication_status":"published","year":"2021","acknowledgement":"Oded Naor is grateful to the Technion Hiroshi Fujiwara Cyber-Security Research Center for providing a research grant. Part of Oded’s work was done while at Novi Research. This work was funded by the Novi team at Facebook. We also wish to thank the Novi Research team for valuable feedback, and in particular George Danezis, Alberto Sonnino, and Dahlia Malkhi.\r\n","date_published":"2021-07-21T00:00:00Z","page":"165-175","citation":{"ama":"Keidar I, Kokoris Kogias E, Naor O, Spiegelman A. All You Need is DAG. In: Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing. Association for Computing Machinery; 2021:165-175. doi:10.1145/3465084.3467905","ista":"Keidar I, Kokoris Kogias E, Naor O, Spiegelman A. 2021. All You Need is DAG. Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing. PODC: Principles of Distributed Computing, 165–175.","apa":"Keidar, I., Kokoris Kogias, E., Naor, O., & Spiegelman, A. (2021). All You Need is DAG. In Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing (pp. 165–175). Virtual, Italy: Association for Computing Machinery. https://doi.org/10.1145/3465084.3467905","ieee":"I. Keidar, E. Kokoris Kogias, O. Naor, and A. Spiegelman, “All You Need is DAG,” in Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, Virtual, Italy, 2021, pp. 165–175.","mla":"Keidar, Idit, et al. “All You Need Is DAG.” Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, Association for Computing Machinery, 2021, pp. 165–75, doi:10.1145/3465084.3467905.","short":"I. Keidar, E. Kokoris Kogias, O. Naor, A. Spiegelman, in:, Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, Association for Computing Machinery, 2021, pp. 165–175.","chicago":"Keidar, Idit, Eleftherios Kokoris Kogias, Oded Naor, and Alexander Spiegelman. “All You Need Is DAG.” In Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, 165–75. Association for Computing Machinery, 2021. https://doi.org/10.1145/3465084.3467905."},"publication":"Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing","article_processing_charge":"No","day":"21","scopus_import":"1","oa_version":"Preprint","status":"public","title":"All You Need is DAG","user_id":"4359f0d1-fa6c-11eb-b949-802e58b17ae8","_id":"10554","abstract":[{"lang":"eng","text":"We present DAG-Rider, the first asynchronous Byzantine Atomic Broadcast protocol that achieves optimal resilience, optimal amortized communication complexity, and optimal time complexity. DAG-Rider is post-quantum safe and ensures that all values proposed by correct processes eventually get delivered. We construct DAG-Rider in two layers: In the first layer, processes reliably broadcast their proposals and build a structured Directed Acyclic Graph (DAG) of the communication among them. In the second layer, processes locally observe their DAGs and totally order all proposals with no extra communication."}],"type":"conference"},{"keyword":["optimal","state machine replication","fallback","asynchrony","byzantine faults"],"scopus_import":"1","day":"21","article_processing_charge":"No","page":"187-190","publication":"Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing","citation":{"mla":"Gelashvili, Rati, et al. “Brief Announcement: Be Prepared When Network Goes Bad: An Asynchronous View-Change Protocol.” Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, Association for Computing Machinery, 2021, pp. 187–90, doi:10.1145/3465084.3467941.","short":"R. Gelashvili, E. Kokoris Kogias, A. Spiegelman, Z. Xiang, in:, Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, Association for Computing Machinery, 2021, pp. 187–190.","chicago":"Gelashvili, Rati, Eleftherios Kokoris Kogias, Alexander Spiegelman, and Zhuolun Xiang. “Brief Announcement: Be Prepared When Network Goes Bad: An Asynchronous View-Change Protocol.” In Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, 187–90. Association for Computing Machinery, 2021. https://doi.org/10.1145/3465084.3467941.","ama":"Gelashvili R, Kokoris Kogias E, Spiegelman A, Xiang Z. Brief announcement: Be prepared when network goes bad: An asynchronous view-change protocol. In: Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing. Association for Computing Machinery; 2021:187-190. doi:10.1145/3465084.3467941","ista":"Gelashvili R, Kokoris Kogias E, Spiegelman A, Xiang Z. 2021. Brief announcement: Be prepared when network goes bad: An asynchronous view-change protocol. Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing. PODC: Principles of Distributed Computing, 187–190.","apa":"Gelashvili, R., Kokoris Kogias, E., Spiegelman, A., & Xiang, Z. (2021). Brief announcement: Be prepared when network goes bad: An asynchronous view-change protocol. In Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing (pp. 187–190). Virtual, Italy: Association for Computing Machinery. https://doi.org/10.1145/3465084.3467941","ieee":"R. Gelashvili, E. Kokoris Kogias, A. Spiegelman, and Z. Xiang, “Brief announcement: Be prepared when network goes bad: An asynchronous view-change protocol,” in Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, Virtual, Italy, 2021, pp. 187–190."},"date_published":"2021-07-21T00:00:00Z","type":"conference","abstract":[{"text":"The popularity of permissioned blockchain systems demands BFT SMR protocols that are efficient under good network conditions (synchrony) and robust under bad network conditions (asynchrony). The state-of-the-art partially synchronous BFT SMR protocols provide optimal linear communication cost per decision under synchrony and good leaders, but lose liveness under asynchrony. On the other hand, the state-of-the-art asynchronous BFT SMR protocols are live even under asynchrony, but always pay quadratic cost even under synchrony. In this paper, we propose a BFT SMR protocol that achieves the best of both worlds -- optimal linear cost per decision under good networks and leaders, optimal quadratic cost per decision under bad networks, and remains always live.","lang":"eng"}],"title":"Brief announcement: Be prepared when network goes bad: An asynchronous view-change protocol","status":"public","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","_id":"10553","oa_version":"Preprint","month":"07","publication_identifier":{"isbn":["9-781-4503-8548-0"]},"quality_controlled":"1","isi":1,"main_file_link":[{"url":"https://arxiv.org/abs/2103.03181","open_access":"1"}],"oa":1,"external_id":{"isi":["000744439800018"],"arxiv":["2103.03181"]},"language":[{"iso":"eng"}],"conference":{"name":"PODC: Principles of Distributed Computing","end_date":"2021-07-30","start_date":"2021-07-26","location":"Virtual, Italy"},"doi":"10.1145/3465084.3467941","publication_status":"published","department":[{"_id":"ElKo"}],"publisher":"Association for Computing Machinery","year":"2021","date_created":"2021-12-16T13:20:19Z","date_updated":"2023-09-04T11:42:10Z","author":[{"full_name":"Gelashvili, Rati","last_name":"Gelashvili","first_name":"Rati"},{"id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","last_name":"Kokoris Kogias","first_name":"Eleftherios","full_name":"Kokoris Kogias, Eleftherios"},{"last_name":"Spiegelman","first_name":"Alexander","full_name":"Spiegelman, Alexander"},{"full_name":"Xiang, Zhuolun","last_name":"Xiang","first_name":"Zhuolun"}]},{"_id":"10557","user_id":"8b945eb4-e2f2-11eb-945a-df72226e66a9","year":"2020","title":"Cryptographically verifiable data structure having multi-hop forward and backwards links and associated systems and methods","status":"public","applicant":["Ecole Polytechnique Federale de Lausanne"],"department":[{"_id":"ElKo"}],"author":[{"full_name":"Ford, Bryan","first_name":"Bryan","last_name":"Ford"},{"last_name":"Gasse","first_name":"Linus","full_name":"Gasse, Linus"},{"first_name":"Eleftherios","last_name":"Kokoris Kogias","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","full_name":"Kokoris Kogias, Eleftherios"},{"full_name":"Jovanovic, Philipp","last_name":"Jovanovic","first_name":"Philipp"}],"related_material":{"link":[{"relation":"earlier_version","url":"https://patents.google.com/patent/US20180359096A1/en"}]},"date_updated":"2021-12-21T10:04:50Z","date_created":"2021-12-16T13:28:59Z","ipc":" H04L9/3247 ; G06Q20/29 ; G06Q20/382 ; H04L9/3236","oa_version":"Published Version","type":"patent","abstract":[{"lang":"eng","text":"Data storage and retrieval systems, methods, and computer-readable media utilize a cryptographically verifiable data structure that facilitates verification of a transaction in a decentralized peer-to-peer environment using multi-hop backwards and forwards links. Backward links are cryptographic hashes of past records. Forward links are cryptographic signatures of future records that are added retroactively to records once the target block has been appended to the data structure."}],"extern":"1","main_file_link":[{"url":"https://patents.google.com/patent/US10581613B2/en","open_access":"1"}],"ipn":"10581613","citation":{"short":"B. Ford, L. Gasse, E. Kokoris Kogias, P. Jovanovic, (2020).","mla":"Ford, Bryan, et al. Cryptographically Verifiable Data Structure Having Multi-Hop Forward and Backwards Links and Associated Systems and Methods. 2020.","chicago":"Ford, Bryan, Linus Gasse, Eleftherios Kokoris Kogias, and Philipp Jovanovic. “Cryptographically Verifiable Data Structure Having Multi-Hop Forward and Backwards Links and Associated Systems and Methods,” 2020.","ama":"Ford B, Gasse L, Kokoris Kogias E, Jovanovic P. Cryptographically verifiable data structure having multi-hop forward and backwards links and associated systems and methods. 2020.","ieee":"B. Ford, L. Gasse, E. Kokoris Kogias, and P. Jovanovic, “Cryptographically verifiable data structure having multi-hop forward and backwards links and associated systems and methods.” 2020.","apa":"Ford, B., Gasse, L., Kokoris Kogias, E., & Jovanovic, P. (2020). Cryptographically verifiable data structure having multi-hop forward and backwards links and associated systems and methods.","ista":"Ford B, Gasse L, Kokoris Kogias E, Jovanovic P. 2020. Cryptographically verifiable data structure having multi-hop forward and backwards links and associated systems and methods."},"publication_date":"2020-03-03","oa":1,"date_published":"2020-03-03T00:00:00Z","application_date":"2017-06-09","day":"03","month":"03","article_processing_charge":"No"},{"acknowledgement":"We thank Nicolas Gailly, Vincent Graf, Jean-Pierre Hubaux, Wouter Lueks, Massimo Marelli, Carmela Troncoso, Juan-Ramón Troncoso Pastoriza, Frédéric Pont, and Sandra Siby for their valuable feedback. This project was supported in part by the ETH domain under PHRT grant #2017−201, and by the AXA Research Fund, Byzgen, DFINITY, and the Swiss Data Science Center (SDSC).","year":"2020","publication_status":"published","department":[{"_id":"ElKo"}],"publisher":"Association for Computing Machinery","author":[{"first_name":"Eleftherios","last_name":"Kokoris Kogias","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","full_name":"Kokoris Kogias, Eleftherios"},{"full_name":"Alp, Enis Ceyhun","first_name":"Enis Ceyhun","last_name":"Alp"},{"last_name":"Gasser","first_name":"Linus","full_name":"Gasser, Linus"},{"last_name":"Jovanovic","first_name":"Philipp","full_name":"Jovanovic, Philipp"},{"first_name":"Ewa","last_name":"Syta","full_name":"Syta, Ewa"},{"full_name":"Ford, Bryan","first_name":"Bryan","last_name":"Ford"}],"date_created":"2021-01-17T23:01:13Z","date_updated":"2023-08-24T13:57:13Z","volume":14,"oa":1,"tmp":{"name":"Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0)","legal_code_url":"https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode","short":"CC BY-NC-ND (4.0)","image":"/images/cc_by_nc_nd.png"},"external_id":{"isi":["000658495400012"]},"main_file_link":[{"url":"https://dl.acm.org/doi/10.14778/3436905.3436917","open_access":"1"}],"isi":1,"quality_controlled":"1","doi":"10.14778/3436905.3436917","language":[{"iso":"eng"}],"month":"12","publication_identifier":{"eissn":["2150-8097"]},"_id":"9011","user_id":"4359f0d1-fa6c-11eb-b949-802e58b17ae8","title":"CALYPSO: Private data management for decentralized ledgers","status":"public","intvolume":" 14","oa_version":"Published Version","type":"journal_article","abstract":[{"text":"Distributed ledgers provide high availability and integrity, making them a key enabler for practical and secure computation of distributed workloads among mutually distrustful parties. Many practical applications also require strong confidentiality, however. This work enhances permissioned and permissionless blockchains with the ability to manage confidential data without forfeiting availability or decentralization. The proposed Calypso architecture addresses two orthogonal challenges confronting modern distributed ledgers: (a) enabling the auditable management of secrets and (b) protecting distributed computations against arbitrage attacks when their results depend on the ordering and secrecy of inputs.\r\n\r\nCalypso introduces on-chain secrets, a novel abstraction that enforces atomic deposition of an auditable trace whenever users access confidential data. Calypso provides user-controlled consent management that ensures revocation atomicity and accountable anonymity. To enable permissionless deployment, we introduce an incentive scheme and provide users with the option to select their preferred trustees. We evaluated our Calypso prototype with a confidential document-sharing application and a decentralized lottery. Our benchmarks show that transaction-processing latency increases linearly in terms of security (number of trustees) and is in the range of 0.2 to 8 seconds for 16 to 128 trustees.","lang":"eng"}],"issue":"4","publication":"Proceedings of the VLDB Endowment","citation":{"chicago":"Kokoris Kogias, Eleftherios, Enis Ceyhun Alp, Linus Gasser, Philipp Jovanovic, Ewa Syta, and Bryan Ford. “CALYPSO: Private Data Management for Decentralized Ledgers.” Proceedings of the VLDB Endowment. Association for Computing Machinery, 2020. https://doi.org/10.14778/3436905.3436917.","mla":"Kokoris Kogias, Eleftherios, et al. “CALYPSO: Private Data Management for Decentralized Ledgers.” Proceedings of the VLDB Endowment, vol. 14, no. 4, Association for Computing Machinery, 2020, pp. 586–99, doi:10.14778/3436905.3436917.","short":"E. Kokoris Kogias, E.C. Alp, L. Gasser, P. Jovanovic, E. Syta, B. Ford, Proceedings of the VLDB Endowment 14 (2020) 586–599.","ista":"Kokoris Kogias E, Alp EC, Gasser L, Jovanovic P, Syta E, Ford B. 2020. CALYPSO: Private data management for decentralized ledgers. Proceedings of the VLDB Endowment. 14(4), 586–599.","ieee":"E. Kokoris Kogias, E. C. Alp, L. Gasser, P. Jovanovic, E. Syta, and B. Ford, “CALYPSO: Private data management for decentralized ledgers,” Proceedings of the VLDB Endowment, vol. 14, no. 4. Association for Computing Machinery, pp. 586–599, 2020.","apa":"Kokoris Kogias, E., Alp, E. C., Gasser, L., Jovanovic, P., Syta, E., & Ford, B. (2020). CALYPSO: Private data management for decentralized ledgers. Proceedings of the VLDB Endowment. Association for Computing Machinery. https://doi.org/10.14778/3436905.3436917","ama":"Kokoris Kogias E, Alp EC, Gasser L, Jovanovic P, Syta E, Ford B. CALYPSO: Private data management for decentralized ledgers. Proceedings of the VLDB Endowment. 2020;14(4):586-599. doi:10.14778/3436905.3436917"},"article_type":"original","page":"586-599","date_published":"2020-12-01T00:00:00Z","scopus_import":"1","day":"01","article_processing_charge":"No"},{"_id":"10556","user_id":"3E5EF7F0-F248-11E8-B48F-1D18A9856A87","title":"Asynchronous distributed key generation for computationally-secure randomness, consensus, and threshold signatures","status":"public","oa_version":"Preprint","type":"conference","abstract":[{"lang":"eng","text":"In this paper, we present the first Asynchronous Distributed Key Generation (ADKG) algorithm which is also the first distributed key generation algorithm that can generate cryptographic keys with a dual (f,2f+1)-threshold (where f is the number of faulty parties). As a result, using our ADKG we remove the trusted setup assumption that the most scalable consensus algorithms make. In order to create a DKG with a dual (f,2f+1)- threshold we first answer in the affirmative the open question posed by Cachin et al. [7] on how to create an Asynchronous Verifiable Secret Sharing (AVSS) protocol with a reconstruction threshold of f+1Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, Association for Computing Machinery, 2020, pp. 1751–1767, doi:10.1145/3372297.3423364.","chicago":"Kokoris Kogias, Eleftherios, Dahlia Malkhi, and Alexander Spiegelman. “Asynchronous Distributed Key Generation for Computationally-Secure Randomness, Consensus, and Threshold Signatures.” In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 1751–1767. Association for Computing Machinery, 2020. https://doi.org/10.1145/3372297.3423364.","ama":"Kokoris Kogias E, Malkhi D, Spiegelman A. Asynchronous distributed key generation for computationally-secure randomness, consensus, and threshold signatures. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery; 2020:1751–1767. doi:10.1145/3372297.3423364","apa":"Kokoris Kogias, E., Malkhi, D., & Spiegelman, A. (2020). Asynchronous distributed key generation for computationally-secure randomness, consensus, and threshold signatures. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (pp. 1751–1767). Virtual, United States: Association for Computing Machinery. https://doi.org/10.1145/3372297.3423364","ieee":"E. Kokoris Kogias, D. Malkhi, and A. Spiegelman, “Asynchronous distributed key generation for computationally-secure randomness, consensus, and threshold signatures,” in Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual, United States, 2020, pp. 1751–1767.","ista":"Kokoris Kogias E, Malkhi D, Spiegelman A. 2020. Asynchronous distributed key generation for computationally-secure randomness, consensus, and threshold signatures. Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. CCS: Computer and Communications Security, 1751–1767."},"page":"1751–1767","date_published":"2020-10-30T00:00:00Z","scopus_import":"1","day":"30","article_processing_charge":"No","year":"2020","acknowledgement":"We would like to thank Ittai Abraham for the discussions and guidance during the initial conception of the project, especially for HAVSS. Furthermore, we would like to thank the anonymous reviewers for pointing out the relevance of this work to MPC protocols.","publication_status":"published","department":[{"_id":"ElKo"}],"publisher":"Association for Computing Machinery","author":[{"full_name":"Kokoris Kogias, Eleftherios","first_name":"Eleftherios","last_name":"Kokoris Kogias","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30"},{"last_name":"Malkhi","first_name":"Dahlia","full_name":"Malkhi, Dahlia"},{"full_name":"Spiegelman, Alexander","last_name":"Spiegelman","first_name":"Alexander"}],"date_updated":"2024-02-22T13:10:45Z","date_created":"2021-12-16T13:23:27Z","oa":1,"main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2019/1015"}],"external_id":{"isi":["000768470400104"]},"quality_controlled":"1","isi":1,"conference":{"name":"CCS: Computer and Communications Security","end_date":"2020-11-13","start_date":"2020-11-09","location":"Virtual, United States"},"doi":"10.1145/3372297.3423364","language":[{"iso":"eng"}],"month":"10","publication_identifier":{"isbn":["978-1-4503-7089-9"]}}]