Blockchain Technology

Blockchain technologies promise many attractive advantages for digital currencies, financial applications and digital society in general. These advantages include reduced trust assumptions, increased transparency, reduced costs and improved user privacy.

However, the current state-of-the-art solutions suffer from significant limitations. Permissioned consensus schemes like Byzantine agreement have scalability issues, while permissioned consensus approaches like Proof of Work waste huge amounts of energy and have low throughput and high latency. Recent research has suggested new and more efficient alternatives such as Proof of Stake and sharding. Proof of Stake reduces consensus energy consumption, but requires expensive distributed random number generation. Sharding schemes improve consensus throughput, but have their own problems like complicated secure shard creation and handling of cross-shard transactions. Currencies like Bitcoin that use pseudonymous transactions offer poor privacy, while sophisticated cryptographic solutions like ZeroCash have heavy computational requirements. Cryptocurrency clients have also high computational requirements as they need to download and process all transactions which makes usage of such systems often infeasible on mobile devices. Smart contract platforms like Ethereum enable new innovation on financial applications, but such solutions require that contract code is executed on all consensus nodes, resulting in very inefficient contracts.

In our research we investigate the limitations of current blockchain systems and develop novel solutions with improved security, privacy and performance guarantees. Examples of our recent research results include new types of smart contract execution environments, new designs for increased client privacy and novel digital currencies with regulatory support.

For the full set of publications and detailed project descriptions, please visit the System Security list of publications in blockchain.

Selected Publications

Karl Wüst, Kari Kostiainen, Vedran Capkun and Srdjan Capkun
PRCash: Centrally Issued Cryptocurrency with Privacy and Regulation
in IACR Cryptology ePrint Archive 2018

Sinisa Matetic, Moritz Schneider, Andrew Miller, Ari Juels and Srdjan Capkun
DelegaTEE: Brokered Delegation using Trusted Execution Environments
in Usenix Security Symposium, 2018

Hubert Ritzdorf, Karl Wüst, Arthur Gervais, Guillaume Felley and Srdjan Capkun
TLS-N: Non-repudiation over TLS Enabling Ubiquitous Content Signing
in NDSS Symposium, 2018

Sinisa Matetic, Ahmed Mansoor, Kari Kostiainen, Aritra Dhar, David Sommer, Ari Juels and Srdjan Capkun
ROTE: Rollback Protection for Trusted Execution
in Usenix Security Symposium, 2017

Arthur Gervais, Ghassan O. Karame, Karl Wüst, Vasileios Glykantzis, Hubert Ritzdorf, Srdjan Capkun
On the Security and Performance of Proof of Work Blockchains
in ACM Conference on Computer and Communication Security (CCS), 2016

Arthur Gervais, Hubert Ritzdorf, Ghassan O. Karame, Srdjan Capkun
Tampering with the Delivery of Blocks and Transactions in Bitcoin
in ACM Conference on Computer and Communication Security (CCS), 2015

Arthur Gervais, Hubert Ritzdorf, Mario Lucic, Srdjan Capkun
Quantifying Location Privacy Leakage from Transaction Prices
in Cryptology ePrint Archive: Report 2015/496

Ghassan O. Karame, Elli Androulaki, Marc Roeschlin, Arthur Gervais, Srdjan Capkun
Misbehaviour in Bitcoin: A Study of Double-Spending and Accountability
in ACM Transactions on Information and System Security (TISSEC), 2015

Arthur Gervais, Ghassan Karame, Damian Gruber, Srdjan Capkun
On the Privacy Provisions of Bloom Filters in Lightweight Bitcoin Clients
in Proceedings of the 30th Annual Computer Security Applications Conference (ACSAC), 2014

Arthur Gervais, Ghassan O. Karame, Srdjan Capkun, Vedran Capkun
Is Bitcoin a Decentralized Currency?
in IEEE Security and Privacy Magazine, 2014

Ghassan O. Karame, Elli Androulaki, Srdjan Capkun
Two Bitcoins at the Price of One? Double-Spending Attacks on Fast Payments in Bitcoin
in Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2012

Elli Androulaki, Ghassan O. Karame, Marc Roeschlin, Tobias Scherer, and Srdjan Capkun
Evaluating User Privacy in Bitcoin
in Proceedings of the International Conference on Financial Cryptography and Data Security, 2013