Compared to traditional payment, blockchain has the advantages of decentralization and privacy protection, while there are still issues with the privacy and security of transactions involving lightweight clients and with the user-friendliness of blockchain systems. This paper proposes SGXTrans, a system that can provide privacy protection for blockchain transaction. On the framework of lightweight clients, as SGXTrans creates a service, it uses Intel software guard extensions (SGX) to protect sensitive privacy information by putting them into the SGX enclave, including cryptographic data and operations such as the user key, the generation of user addresses, and the process of blockchain transactions. To hide the access patterns of local data storage processes, SGXTrans also introduces oblivious random access machine (ORAM) algorithm to prevent privacy information from being indirectly inferred by malicious attackers. Experiments based on the existing blockchain networks show that SGXTrans can provide better user-friendliness and higher security with a performance overhead less than 10%.
FAN Junsong, CHEN Jianhai, SHEN Rui, LIU Zhenguang, HE Qinming, HUANG Butian
. SGX-Based Approach for Blockchain Transactions Security and Privacy Protection[J]. Journal of Applied Sciences, 2021
, 39(1)
: 17
-28
.
DOI: 10.3969/j.issn.0255-8297.2021.01.002
[1] Nakamoto S. Bitcoin:a per-to-per electronic cash system[EB/OL].[2020-06-20]. https://bitcoin.org/bitcoin.pdf, 2008.
[2] Vitalik B, Gavin W. Ethereum[EB/OL].[2020-06-20]. https://www.ethereum.org/.
[3] Brian B. Hyperledger Fabric[EB/OL].[2020-06-20]. https://www.hyperledger.org/use/fabric.
[4] Hearn M, Corallo M. Connection bloom filtering[EB/OL].[2020-06-20]. https://github.com/bitcoin/bips/blob/master/bip-0037.mediawiki.
[5] Osuntokun O, Akselrod A, Posen J. Client side block filtering[EB/OL].[2020-06-20]. https://github.com/bitcoin/bips/blob/master/bip-0157.mediawiki.
[6] Matetic S, Wüst K, Schneider M, et al. BITE:Bitcoin lightweight client privacy using trusted execution[C]//The 28th USENIX Security Symposium, 2019:783-800.
[7] Gervals A, Capkun S, Karame G, et al. On the privacy provisions of bloom filters in lightweight Bitcoin clients[C]//Proceedings of the 30th Annual Computer Security Applications Conference, 2014:326-335.
[8] Wuille P. Hierarchical deterministic wallets[EB/OL].[2020-06-20]. https://github.com/bitcoin/bips/wiki/Comments:BIP-0032.
[9] Costan V, Devadas S. Intel SGX explained[J]. Cryptology ePrint Archive, 2016(86):1-118.
[10] Goldreich O, Ostrovsky R. Software protection and simulation on oblivious rams[J]. Journal of the ACM, 1996, 43(3):431-473.
[11] Chang Z, Xie D, Li F. Oblivious RAM:a dissection and experimental evaluation[J]. Proceedings of the Very Large Data Bases Endowment, 2016, 9(12):1113-1124.
[12] Stefanov E, Van D M, Shi E, et al. Path ORAM:an extremely simple oblivious RAM protocol[C]//ACM Conference on Computer and Communications Security, 2013:299-310.
[13] Mishra P, Poddar R, Chen J, et al. Oblix:an efficient oblivious search index[C]//Proceedings of the 39th IEEE Symposium on Security and Privacy, 2018:279-296.
[14] Sasy S, Gorbunov S, Letcher C. ZeroTrace:oblivious memory primitives from Intel SGX[C]//Network and Distributed System Security Symposium, 2018(42):1-15.
[15] Ahmad A, Kim K, Sarfaraz M I, et al. OBLIVIATE:a data oblivious file system for Intel SGX[C]//Network and Distributed System Security Symposium, 2018(84):1-15.
[16] Huang B, Zhou F, Liu Z, et al. VNTChain[EB/OL].[2020-06-20]. http://www.vntchain.io/.
