Compared with traditional payment methods, blockchain offers decentralization and privacy protection, but transactions made through lightweight clients still have privacy and security problems, and blockchain systems still have user-friendliness problems. This paper proposes SGXTrans, a system that provides privacy protection for blockchain transactions. SGXTrans builds its service on the lightweight-client framework and uses Intel Software Guard Extensions (SGX) to protect sensitive private information by placing it inside the SGX enclave, including cryptographic data and operations such as the user key and the generation of user addresses, as well as the processing of blockchain transactions. To hide the access patterns of local data storage, SGXTrans also introduces an oblivious random access machine (ORAM) algorithm so that malicious attackers cannot infer private information indirectly. Experiments on existing blockchain networks show that SGXTrans provides better user-friendliness and higher security with a performance overhead of less than 10%.