Decentralized cryptocurrencies such as Bitcoin have ignited much excitement, not only for their novel realization of central bank-free financial instruments, but also as an alternative approach to classical distributed computing problems, such as reaching agreement in a distributed setting in the presence of misbehaving parties, as well as to numerous other applications: contracts, reputation systems, name services, etc. The soundness and security of these applications, however, hinge on a thorough understanding of the fundamental properties of their underlying blockchain data structure, which parties ("miners") maintain and try to extend by generating proofs of various kinds, "proofs of work" (PoW, aka "cryptographic puzzles") perhaps being the most interesting ones.
In this talk we formulate such fundamental properties of the blockchain, and show how applications such as consensus and a robust public transaction ledger can be built "on top" of them, assuming the adversary's hashing power is strictly less than ½. The above properties hold assuming that all parties, honest and adversarial, "wake up" and start computing at the same time, or, alternatively, that they compute on a common random string (the "genesis" block) only made available at the exact time when the protocol execution is to begin. We also address the question of whether such a trusted setup/behavioral assumption is necessary, answering it in the negative by presenting a Bitcoin-like blockchain protocol that is provably secure without trusted setup. A direct consequence of this last construction is that consensus can be solved directly by a blockchain protocol without trusted setup assuming an honest majority (in terms of computational power), in contrast to what is shown in the classical distributed computing literature; we also explain this apparent contradiction.
Most of this talk is based on joint work with Aggelos Kiayias (U. of Edinburgh), Nikos Leonardos (U. of Athens) and Giorgos Panagiotakos (U. of Edinburgh).
Since Fall 2017, Juan Garay has been a full professor in Texas A&M University's Computer Science & Engineering Department. Previously, after receiving his PhD in Computer Science from Penn State University, he was a postdoc at the Weizmann Institute of Science (Israel), and held research positions at the IBM T.J. Watson Research Center, Bell Labs, AT&T Labs-Research, and Yahoo Research. His research interests include both foundational and applied aspects of cryptography and information security. He has published extensively in the areas of cryptography, network security, distributed computing, and algorithms; has been involved in the design, analysis and implementation of a variety of secure systems; and is the recipient of over two dozen patents. Dr. Garay has served on the program committees of numerous conferences and international panels, including co-chairing Crypto 2013 and 2014, the discipline's premier conference. He is a Fellow of the International Association for Cryptologic Research (IACR).
Distinguished Lectures Series in Cybersecurity
With the Distinguished Lectures Series in Cybersecurity, every semester we invite outstanding experts from science and industry to Darmstadt to discuss the multifaceted prospects and challenges of IT security. In the lectures, the speakers present the results of trendsetting research from a variety of disciplines, give overviews of complex topics, or show the current state of knowledge in their field of research. The lectures are free and open to everybody without prior registration.
After the lecture there will be an opportunity to meet the speaker and other attendees informally.