Decentralized cryptocurrencies such as Bitcoin have ignited much excitement, not only for their novel realization of central-bank-free financial instruments, but also as an alternative approach to classical distributed computing problems, such as reaching agreement in a distributed fashion in the presence of misbehaving parties, as well as to numerous other applications: contracts, reputation systems, name services, etc. The soundness and security of these applications, however, hinge on a thorough understanding of the fundamental properties of their underlying blockchain data structure, which parties ("miners") maintain and try to extend by generating proofs of various kinds, "proofs of work" (PoW, aka "cryptographic puzzles") perhaps being the most interesting ones.
In this talk we formulate such fundamental properties of the blockchain, and show how applications such as consensus and a robust public transaction ledger can be built "on top" of them, assuming the adversary's hashing power is strictly less than ½. The above properties hold assuming that all parties, honest and adversarial, "wake up" and start computing at the same time, or, alternatively, that they compute on a common random string (the "genesis" block) made available only at the exact time when the protocol execution is to begin. We also address the question of whether such a trusted setup/behavioral assumption is necessary, answering it in the negative by presenting a Bitcoin-like blockchain protocol that is provably secure without trusted setup. A direct consequence of this last construction is that consensus can be solved directly by a blockchain protocol without trusted setup assuming an honest majority (in terms of computational power), in contrast to what is shown in the classical distributed computing literature, an apparent contradiction that we also explain.
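To make the objects in the abstract concrete, here is an added toy simulation (written for this page, not code from the talk or its authors) of the blockchain data structure that miners extend with proofs of work: each block commits to its predecessor by hash, a block is accepted only if its header hash falls below a difficulty target, and a party adopts the longest valid chain it sees. It assumes SHA-256 over a JSON-encoded header, a "leading zero bits" target, a constructed all-zero string standing in for the genesis block, and the longest-valid-chain rule as a simplification of Bitcoin's most-accumulated-work rule; the difficulty is kept tiny so it runs in milliseconds.

```python
# Toy proof-of-work blockchain: added illustration, not code from the talk.
# Assumptions (not from the page): SHA-256 over a JSON-encoded header, a
# "leading zero bits" target, and a longest-valid-chain selection rule.
import hashlib
import json
from dataclasses import dataclass
from typing import List

DIFFICULTY_BITS = 12          # assumption: tiny difficulty so mining is instant
GENESIS_HASH = "00" * 32      # constructed stand-in for the common "genesis" string


@dataclass
class Block:
    prev_hash: str   # hash of the previous block; this link is what forms the chain
    data: str        # payload (transactions, in a real ledger)
    nonce: int = 0   # the PoW solution: varied until the header hash meets the target

    def header_hash(self) -> str:
        header = json.dumps([self.prev_hash, self.data, self.nonce]).encode()
        return hashlib.sha256(header).hexdigest()


def meets_target(h: str, difficulty_bits: int = DIFFICULTY_BITS) -> bool:
    """PoW check: the hash, read as a 256-bit integer, must be below the target."""
    return int(h, 16) < (1 << (256 - difficulty_bits))


def mine(prev_hash: str, data: str, difficulty_bits: int = DIFFICULTY_BITS) -> Block:
    """Brute-force the nonce until the header hash meets the target (the 'puzzle')."""
    block = Block(prev_hash, data)
    while not meets_target(block.header_hash(), difficulty_bits):
        block.nonce += 1
    return block


def build_chain(payloads: List[str], difficulty_bits: int = DIFFICULTY_BITS) -> List[Block]:
    """Honest miner: extend from genesis, each block pointing at the previous one."""
    chain: List[Block] = []
    prev = GENESIS_HASH
    for payload in payloads:
        block = mine(prev, payload, difficulty_bits)
        chain.append(block)
        prev = block.header_hash()
    return chain


def validate_chain(chain: List[Block], difficulty_bits: int = DIFFICULTY_BITS) -> bool:
    """A chain is valid iff every block links to its predecessor and carries a PoW."""
    prev = GENESIS_HASH
    for block in chain:
        h = block.header_hash()
        if block.prev_hash != prev or not meets_target(h, difficulty_bits):
            return False
        prev = h
    return True


def select_chain(candidates: List[List[Block]], difficulty_bits: int = DIFFICULTY_BITS) -> List[Block]:
    """Chain selection: among valid candidates, adopt the longest (ties keep the first)."""
    valid = [c for c in candidates if validate_chain(c, difficulty_bits)]
    return max(valid, key=len) if valid else []


def tamper(chain: List[Block], index: int, new_data: str) -> List[Block]:
    """Copy the chain and edit one block's payload without redoing any proof of work."""
    copy = [Block(b.prev_hash, b.data, b.nonce) for b in chain]
    copy[index].data = new_data
    return copy


if __name__ == "__main__":
    honest = build_chain(["tx-batch-1", "tx-batch-2", "tx-batch-3"])
    print("honest chain valid:", validate_chain(honest))
    edited = tamper(honest, 1, "tx-batch-2-edited")
    print("edited chain valid:", validate_chain(edited))
    print("adopted chain length:", len(select_chain([honest[:2], edited, honest])))
```

Editing a single block's payload breaks its own proof of work and, because the next block commits to the old hash, every block after it; rewriting history therefore costs a fresh proof of work per block from the edit point onward, which is the computational price the "hashing power strictly less than ½" assumption in the abstract is about.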
Most of this talk is based on joint work with Aggelos Kiayias (U. of Edinburgh), Nikos Leonardos (U. of Athens) and Giorgos Panagiotakos (U. of Edinburgh).
Since Fall '17, Juan Garay is a full professor at Texas A&M University's Computer Science & Engineering Department. Previously, after receiving his PhD in Computer Science from Penn State University, he was a postdoc at the Weizmann Institute of Science (Israel), and held research positions at the IBM T.J. Watson Research Center, Bell Labs, AT&T Labs-Research, and Yahoo Research. His research interests include both foundational and applied aspects of cryptography and information security. He has published extensively in the areas of cryptography, network security, distributed computing, and algorithms; has been involved in the design, analysis and implementation of a variety of secure systems; and is the recipient of over two dozen patents. Dr. Garay has served on the program committees of numerous conferences and international panels, including co-chairing Crypto 2013 and 2014, the discipline's premier conference. He is a Fellow of the International Association for Cryptologic Research (IACR).
Distinguished Lecture Series in Cybersecurity
Each semester, the Distinguished Lecture Series in Cybersecurity brings outstanding experts from academia and industry to Darmstadt to discuss the many opportunities and challenges in the field of IT security.
In their lectures, the speakers present pioneering research results from various disciplines, summarize complex subject areas, and outline the current state of knowledge in their field of research or work.
The lectures are open to the public. Interested visitors are warmly welcome. After the lecture there will be an opportunity for discussion over a small buffet on site.