BLOCKCHAIN
Blockchain has become a huge research area covering many topics related to distributed systems and new governance and trust paradigms. It opens new possibilities for scenarios where centralized solutions do not fit well, but it also poses new challenges that need to be overcome.
Trust-less data sharing
Replacing a central server with a decentralized blockchain network could solve or at least mitigate trust problems in several setups, one example being proxy re-encryption [1]. Back in 2014, we proposed to integrate proxy re-encryption into big data infrastructures [2]. Based on this work, we started working with ZeroDB Inc. on the implementation of this concept (Crypto@ZeroDB). As part of this collaboration, we jointly produced three patents that were granted in 2020 for the resulting technology: US10581603B2, US20170323114A1 and US10574440B2.
In these scenarios, the proxy re-encryption server should behave honestly, which is sometimes difficult to implement. To overcome these limitations, NICS Lab has also participated in the definition and development of the NuCypher network (Crypto4BC), a decentralized proxy re-encryption service that uses the Ethereum blockchain to enforce access control policies and implement network governance. In essence, it is a decentralized key management system based on Ethereum that provides cryptographically enforced access control services. The system uses advanced cryptographic techniques developed by NICS, such as proxy re-encryption, threshold cryptography, and zero-knowledge proofs, which securely embed access control functionality at the encryption layer. The ultimate goal of this project is to create a basic infrastructure for the development of secure DApps (decentralized applications), which in turn will lead to numerous applications in many areas, such as fintech, identity management, and DRM.
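The combination of proxy re-encryption and threshold cryptography mentioned above, as an added toy example (not from the original page and not NuCypher's actual scheme): a BBS98-style ElGamal re-encryption key is Shamir-split across n proxy nodes, so no single node holds the full key or can re-encrypt alone. The tiny group, the function names and the sample message are assumptions for illustration only.

```python
import secrets

# Toy parameters (constructed, far too small for real use):
# safe prime P = 2*Q + 1, G generates the subgroup of prime order Q.
P, Q, G = 2879, 1439, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    r = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, r, P)) % P, pow(pk, r, P)   # (m*g^r, g^(sk*r))

def decrypt(sk, ct):
    c1, c2 = ct
    g_r = pow(c2, pow(sk, -1, Q), P)               # c2^(1/sk) = g^r
    return (c1 * pow(g_r, -1, P)) % P

def split_rekey(sk_a, sk_b, t, n):
    """Delegator: Shamir-share rk = sk_b/sk_a mod Q into n fragments, threshold t."""
    rk = (sk_b * pow(sk_a, -1, Q)) % Q
    coeffs = [rk] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return [(i, sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q)
            for i in range(1, n + 1)]

def reencrypt_fragment(frag, ct):
    """One proxy node: raises c2 to its share; it never sees m or the full rk."""
    i, share = frag
    return i, pow(ct[1], share, P)

def combine(ct, cfrags):
    """Recipient: Lagrange interpolation in the exponent yields c2^rk."""
    xs = [i for i, _ in cfrags]
    c2 = 1
    for i, v in cfrags:
        lam = 1
        for j in xs:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        c2 = c2 * pow(v, lam, P) % P
    return ct[0], c2

def demo(t=3, n=5, m=1234):
    a, pk_a = keygen()                  # delegator (data owner)
    b, _ = keygen()                     # delegatee
    ct = encrypt(pk_a, m)
    cfrags = [reencrypt_fragment(f, ct) for f in split_rekey(a, b, t, n)]
    return decrypt(b, combine(ct, cfrags[:t]))   # any t fragments suffice
```

BBS98 itself is bidirectional and not collusion-resistant (a delegatee who obtains the full re-encryption key can recover the delegator's secret), which is one reason production schemes use different constructions.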
This work has also led to the creation of Decentralized Security, the first technology-based startup in which the University of Malaga has participated. The startup provides development and security consulting services for blockchain projects, and is currently working with both NuCypher and the Ethereum Foundation.
Mobility
New mobility paradigms have emerged in recent years, and there is every indication that more will follow. This underlines the need to modernize road infrastructure, signals and traffic management systems. Many initiatives have emerged around Intelligent Transport Systems (ITS) to define new scenarios and requirements. We even have two main competing technologies to implement vehicle-to-everything (V2X) communication protocols, C-V2X and 802.11p, but neither is widely deployed yet.
One of the main barriers to mass adoption of these technologies is governance. Current solutions rely on the use of a public key infrastructure to enable secure collaboration between the different entities in the V2X ecosystem, but given its global scope, managing such an infrastructure requires agreements between many parties, with conflicts of interest between automakers and telecom operators. As a result, there are many use cases and two mature communication technologies, but complexity at the business layer prevents drivers from taking advantage of ITS applications.
Blockchain technologies define a new decentralized paradigm for most traditional applications, where smart contracts provide a simple mechanism for decentralized governance. In [3], we propose an approach for decentralized V2X (D-V2X) that does not require a trusted authority and can be implemented on top of any communication protocol. We also define a proof-of-concept technical architecture based on a low-cost and highly secure System-on-Chip (SoC) that could enable massive deployment of D-V2X. This effort was part of the SAVE project, where we have been working on many cybersecurity aspects of the Internet of Vehicles.
Critical Infrastructure Protection and Industry 4.0
Although the benefits of blockchain technology are already well known, it is always advisable to analyse its possible adaptation to critical operational environments. As part of the SealedGRID project, the work [4] analyses the level of coupling of blockchain technology in critical federated applications, such as Smart Grid systems, and explores which interconnection strategy is the most suitable for such an application. The study focuses on a three-layer interconnection architecture and several interconnection strategies, all of which adapt traditional decision and policy enforcement approaches, together with blockchain technology, to manage reliable and secure connections between critical entities, processes and resources. However, these connections must be dynamic, following the contextual conditions of the application environment. Thus, the paper [5] highlights the capabilities of Blockchain technology that, together with other technologies, make it possible to manage access control dynamically by updating its policies. In this case, the combination of technologies centres on the Digital Twin together with Artificial Intelligence to simulate and anticipate anomalies and cybersecurity issues in real time.
Blockchain is also useful for conflict resolution in the retail Supply Chain, and for compliance and accountability in distributed manufacturing. In this sense, NICS Lab contributes to the CyberSec4Europe project by leading the Supply Chain Roadmap, and participates in its use cases, where Blockchain technology is key to the demonstration. It is worth noting that one of the operational nodes is hosted in the research group's facilities, providing coverage for experimentation and testing. Last but not least, the technological deployment of Blockchain has proven useful not only for managing the context of an operational environment, as indicated in [4] and [5], but also for detecting and predicting anomalies in Industry 4.0 and energy environments (SADECEI-4.0 and Smart and Secure EV Urban Lab II, respectively).
Therefore, the implications of Blockchain technology for the digital transformation of future critical infrastructures, Industry 4.0 and subsequent generations such as Industry 5.0 become evident.
Blockchain infrastructures
Regarding blockchain infrastructure support, we are contributing a node to the Alastria network in partnership with the Malaga Tech Park (PTA). Alastria is a national initiative that offers two permissioned blockchain networks to its partners: Network T (based on Quorum) and Network B (based on Hyperledger Besu). We are also contributing a node to the NuCypher network, through the NuCypher University Staking Program, a Hyperledger Fabric node for experimentation in supply chain scenarios for the CyberSec4Europe project and a Hyperledger Besu network for digital twin scenarios (SADECEI-4.0) and monitoring of electric vehicle charging points (Urban Lab II).
Another field where blockchain can provide exciting opportunities is confidential computing. This allows users to compute verifiable programs while keeping their private inputs undisclosed. We proposed an enhanced version of Hyperledger Besu's private transactions [6], which empowers blockchain clients to jointly execute Secure Multi-Party Computation protocols from Solidity interfaces, reusing as much of the standard design as possible. This is a first step towards a privacy-enhanced blockchain infrastructure. Secure Multi-Party Computation is a cryptographic paradigm closely aligned with Blockchain. There are many protocols that fall into this category, but in recent years Private Set Intersection (PSI) has captured the attention of academia, mainly due to its applications to private genomic analysis, private data mining, private biometric authentication, private contact discovery, etc. In [7], we have conducted an in-depth analysis of PSI.
As part of our active involvement in Blockchain, we also organize an advanced Course on Blockchain Technologies with the collaboration of different companies from the Malaga Tech Park (PTA) and startups of the Blockchain ecosystem.
References
- [1] David Nuñez and Isaac Agudo and Javier Lopez (2017): Proxy Re-Encryption: Analysis of Constructions and its Application to Secure Access Delegation. In: Journal of Network and Computer Applications, vol. 87, pp. 193-209, 2017, ISSN: 1084-8045.
- [2] David Nuñez and Isaac Agudo and Javier Lopez (2014): Delegated Access for Hadoop Clusters in the Cloud. In: IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2014), pp. 374-379, IEEE, Singapore, 2014, ISBN: 978-1-4799-4093-6.
- [3] Isaac Agudo and Manuel Montenegro-Gómez and Javier Lopez (2021): A Blockchain Approach for Decentralized V2X (D-V2X). In: IEEE Transactions on Vehicular Technology, vol. 70, no. 5, pp. 4001-4010, 2021, ISSN: 0018-9545.
- [4] Cristina Alcaraz and Juan E. Rubio and Javier Lopez (2020): Blockchain-Assisted Access for Federated Smart Grid Domains: Coupling and Features. In: Journal of Parallel and Distributed Computing, vol. 144, pp. 124-135, 2020, ISSN: 0743-7315.
- [5] Javier Lopez and Juan E. Rubio and Cristina Alcaraz (2021): Digital Twins for Intelligent Authorization in the B5G-enabled Smart Grid. In: IEEE Wireless Communications, vol. 28, pp. 48-55, 2021, ISSN: 1536-1284.
- [6] Daniel Morales and Isaac Agudo and Javier Lopez (2023): Integration of MPC into Besu through an extended private transaction model. In: IEEE International Conference on Metaverse Computing, Networking and Applications, pp. 266-273, IEEE Computer Society, Kyoto, Japan, 2023.
- [7] Daniel Morales and Isaac Agudo and Javier Lopez (2023): Private set intersection: A systematic literature review. In: Computer Science Review, vol. 49, no. 100567, 2023, ISSN: 1574-0137.