entropy-logo

Journal Browser

Journal Browser

Blockchain: Security, Challenges, and Opportunities

A special issue of Entropy (ISSN 1099-4300).

Deadline for manuscript submissions: closed (31 July 2020) | Viewed by 73609

Special Issue Editors


E-Mail Website
Guest Editor
Group of Analysis, Security and Systems (GASS), Universidad Complutense de Madrid (UCM), 28040 Madrid, Spain
Interests: artificial intelligence; big data; computer networks; computer security; information theory; IoT; multimedia forensics
Special Issues, Collections and Topics in MDPI journals

E-Mail
Guest Editor
IBM Almaden Research Center, 650 Harry Rd, San Jose, CA 95120, USA
Interests: error-correcting codes; fault tolerance; parallel processing; cryptography; modulation codes for magnetic recording; timing algorithms; holographic storage; parallel communications; neural networks; finite group theory
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Cybersecurity INCT Unit 6, Decision Technologies Laboratory-LATITUDE, Electrical Engineering Department (ENE), Technology College, University of Brasília (UnB), Brasília-DF, CEP 70910-900, Brazil
Interests: computer and network security; multimedia forensics; error-correcting codes; information theory
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear colleagues,

Bitcoin is one of the most popular cryptocurrencies nowadays. For its operation, it uses a technology known as Blockchain. This technology is not unique to Bitcoin; since its birth, many of the so-called altcoins have appeared using the same blockchain technology or similar. Blockchain has attracted extensive attention from both industry and academia.

Industry and academia have started to apply blockchain in other many areas besides cryptocurrencies, expanding the use of this technology. This use expansion carries challenges such as the security and privacy issues of using this technology. These challenges have been analyzed by both academy and industry. Additionally, there is an urgent need to adjust the privacy and regulatory requirements of blockchain to fulfill current data protection laws.

Information theory has been applied for over a half a century now, starting from the pioneering work of Shannon. Based on this motivation, this Special Issue invites researchers in all related fields (including but not limited to information theory, entropy, cryptography, cybersecurity, machine learning, and pattern recognition) to present original and new developments on information theory for current and novel blockchain applications, and to join us in a quest for solutions to solve current and, if possible, future problems on the use of this technology. Potential topics of interest to this Special Issue are listed below. Submissions can include original research, dataset collection, and benchmark or critical surveys.

This Special Issue is focused on cutting-edge research from both academia and industry, with a particular emphasis on novel techniques. Only technical papers describing previously unpublished, original, state-of-the-art research, and not currently under review by a conference or a journal, will be considered. We will recommend the submission of multimedia with each paper, as it significantly increases the visibility, downloads, and citations of articles.

Potential topics include but are not limited to the following:

  • Accountability and auditing in blockchain and cryptocurrency;
  • Adversarial training and defensive distillation;
  • Attacks against machine learning;
  • Attacks on blockchain-based systems;
  • Blockchain analysis;
  • Blockchain application and implementation;
  • Blockchain applications;
  • Blockchain operation and governance;
  • Blockchain security;
  • Blockchain technologies;
  • Challenges of machine learning for cyber security;
  • Consensus algorithms;
  • Cryptocurrencies;
  • Cryptocurrency pricing bubbles;
  • The economic significance of cryptocurrency volatility;
  • Energy consumption issues;
  • Entropy;
  • Ethics of machine learning for cyber security applications;
  • Generative adversarial models;
  • Governance models and experiences;
  • Identity management;
  • Information theory;
  • The interoperability of blockchains;
  • IoT Forensic;
  • Lightweight protocols based on blockchain;
  • One-shot learning; continuous learning;
  • The performance of blockchain-based systems;
  • Potential topics include but are not limited to;
  • Privacy and anonymity on blockchain;
  • The role of formal and informal institutions in establishing cryptocurrency markets;
  • The scalability of blockchain-based systems;
  • Scalable machine learning for cyber security;
  • Secure distributed consensus;
  • Security- and privacy-enhancing technologies for blockchain and cryptocurrency;
  • Smart contracts;
  • Smart contracts analysis;
  • Transactions analysis;
  • Transparency (or lack thereof) of blockchain technology and concomitant legal, ethical, and regulatory issues.

Prof. Luis Javier Garcia Villalba
Dr. Mario Blaum
Dr. Ana Lucila Sandoval Orozco
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Entropy is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (10 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

36 pages, 2599 KiB  
Article
Leveraging Blockchain Technology for Secure Energy Trading and Least-Cost Evaluation of Decentralized Contributions to Electrification in Sub-Saharan Africa
by Omaji Samuel, Ahmad Almogren, Atia Javaid, Mansour Zuair, Ibrar Ullah and Nadeem Javaid
Entropy 2020, 22(2), 226; https://doi.org/10.3390/e22020226 - 17 Feb 2020
Cited by 22 | Viewed by 5455
Abstract
The International Energy Agency has projected that the total energy demand for electricity in sub-Saharan Africa (SSA) is expected to rise by an average of 4% per year up to 2040. It implies that ~620 million people are living without electricity in SSA. [...] Read more.
The International Energy Agency has projected that the total energy demand for electricity in sub-Saharan Africa (SSA) is expected to rise by an average of 4% per year up to 2040. It implies that ~620 million people are living without electricity in SSA. Going with the 2030 vision of the United Nations that electricity should be accessible to all, it is important that new technology and methods are provided. In comparison to other nations worldwide, smart grid (SG) is an emerging technology in SSA. SG is an information technology-enhanced power grid, which provides a two-way communication network between energy producers and customers. Also, it includes renewable energy, smart meters, and smart devices that help to manage energy demands and reduce energy generation costs. However, SG is facing inherent difficulties, such as energy theft, lack of trust, security, and privacy issues. Therefore, this paper proposes a blockchain-based decentralized energy system (BDES) to accelerate rural and urban electrification by improving service delivery while minimizing the cost of generation and addressing historical antipathy and cybersecurity risk within SSA. Additionally, energy insufficiency and fixed pricing schemes may raise concerns in SG, such as the imbalance of order. The paper also introduces a blockchain-based energy trading system, which includes price negotiation and incentive mechanisms to address the imbalance of order. Moreover, existing models for energy planning do not consider the effect of fill rate (FR) and service level (SL). A blockchain levelized cost of energy (BLCOE) is proposed as the least-cost solution that measures the impact of energy reliability on generation cost using FR and SL. Simulation results are presented to show the performance of the proposed model and the least-cost option varies with relative energy generation cost of centralized, decentralized and BDES infrastructure. Case studies of Burkina Faso, Cote d’Ivoire, Gambia, Liberia, Mali, and Senegal illustrate situations that are more suitable for BDES. For other SSA countries, BDES can cost-effectively service a large population and regions. Additionally, BLCOE reduces energy costs by approximately 95% for battery and 75% for the solar modules. The future BLCOE varies across SSA on an average of about 0.049 $/kWh as compared to 0.15 $/kWh of an existing system in the literature. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

29 pages, 1573 KiB  
Article
An Analysis of Smart Contracts Security Threats Alongside Existing Solutions
by Antonio López Vivar, Alberto Turégano Castedo, Ana Lucila Sandoval Orozco and Luis Javier García Villalba
Entropy 2020, 22(2), 203; https://doi.org/10.3390/e22020203 - 11 Feb 2020
Cited by 31 | Viewed by 8967
Abstract
Smart contracts have gained a lot of popularity in recent times as they are a very powerful tool for the development of decentralised and automatic applications in many fields without the need for intermediaries or trusted third parties. However, due to the decentralised [...] Read more.
Smart contracts have gained a lot of popularity in recent times as they are a very powerful tool for the development of decentralised and automatic applications in many fields without the need for intermediaries or trusted third parties. However, due to the decentralised nature of the blockchain on which they are based, a series of challenges have emerged related to vulnerabilities in their programming that, given their particularities, could have (and have already had) a very high economic impact. This article provides a holistic view of security challenges associated with smart contracts, as well as the state of the art of available public domain tools. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

16 pages, 6218 KiB  
Article
A Blockchain-Driven Supply Chain Finance Application for Auto Retail Industry
by Jingjing Chen, Tiefeng Cai, Wenxiu He, Lei Chen, Gang Zhao, Weiwen Zou and Lingling Guo
Entropy 2020, 22(1), 95; https://doi.org/10.3390/e22010095 - 13 Jan 2020
Cited by 98 | Viewed by 12636
Abstract
In this paper, a Blockchain-driven platform for supply chain finance, BCautoSCF (Zhi-lian-che-rong in Chinese), is introduced. It is successfully established as a reliable and efficient financing platform for the auto retail industry. Due to the Blockchain built-in trust mechanism, participants in the supply [...] Read more.
In this paper, a Blockchain-driven platform for supply chain finance, BCautoSCF (Zhi-lian-che-rong in Chinese), is introduced. It is successfully established as a reliable and efficient financing platform for the auto retail industry. Due to the Blockchain built-in trust mechanism, participants in the supply chain (SC) networks work extensively and transparently to run a reliable, convenient, and traceable business. Likewise, the traditional supply chain finance (SCF), partial automation of SCF workflows with fewer human errors and disruptions was achieved through smart contract in BCautoSCF. Such open and secure features suggest the feasibility of BCautoSCF in SCF. As the first Blockchain-driven SCF application for the auto retail industry in China, our contribution lies in studying these pain points existing in traditional SCF and proposing a novel Blockchain-driven design to reshape the business logic of SCF to develop an efficient and reliable financing platform for small and medium enterprises (SMEs) in the auto retail industry to decrease the cost of financing and speed up the cash flows. Currently, there are over 600 active enterprise users that adopt BCautoSCF to run their financing business. Up to October 2019, the BCautoSCF provides services to 449 online/offline auto retailors, three B2B asset exchange platforms, nine fund providers, and 78 logistic services across 21 provinces in China. There are 3296 financing transactions successfully completed in BCautoSCF, and the amount of financing is ¥566,784,802.18. In the future, we will work towards supporting a full automation of SCF workflow by smart contracts, so that the efficiency of transaction will be further improved. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

10 pages, 336 KiB  
Article
From Key Encapsulation to Authenticated Group Key Establishment—A Compiler for Post-Quantum Primitives
by Edoardo Persichetti, Rainer Steinwandt and Adriana Suárez Corona
Entropy 2019, 21(12), 1183; https://doi.org/10.3390/e21121183 - 30 Nov 2019
Cited by 6 | Viewed by 3200
Abstract
Assuming the availability of an existentially unforgeable signature scheme and an (IND- CCA secure) key encapsulation mechanism, we present a generic construction for group key establishment. The construction is designed with existing proposals for post-quantum cryptography in mind. Applied with such existing proposals [...] Read more.
Assuming the availability of an existentially unforgeable signature scheme and an (IND- CCA secure) key encapsulation mechanism, we present a generic construction for group key establishment. The construction is designed with existing proposals for post-quantum cryptography in mind. Applied with such existing proposals and assuming their security, we obtain a quantum-safe three-round protocol for authenticated group key establishment that requires only one signature per protocol participant. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

20 pages, 790 KiB  
Article
Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language
by Diego Rivera, Fernando Monje, Victor A. Villagrá, Mario Vega-Barbas, Xavier Larriva-Novo and Julio Berrocal
Entropy 2019, 21(12), 1180; https://doi.org/10.3390/e21121180 - 30 Nov 2019
Cited by 1 | Viewed by 4037
Abstract
The increasing number of cyber-attacks, their potential destructive capabilities, and the enormous threat they pose for organizations, require the constant design and development of new, faster, and easier to use systems to address them. The automation of security enforcement systems is one of [...] Read more.
The increasing number of cyber-attacks, their potential destructive capabilities, and the enormous threat they pose for organizations, require the constant design and development of new, faster, and easier to use systems to address them. The automation of security enforcement systems is one of the most important techniques for enabling a fast response to security challenges, but the complexity of security management might hinder the successful achievement of the desired security. Our proposal integrates the automatic enforcement of security rules based on intrusion detection systems with the definition of a high-level user-centered language for the definition of policies. We have designed a translation process from this language to specific network-wise and device-aware rules that can be installed and enforced. The deployment of these rules is determined by an automatic risk assessment process ruled by the detection system monitoring the network. This way, both the automation and easiness of use goals can be achieved using an integrated system. The solution was tested and validated in two different virtualized networks. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

28 pages, 1307 KiB  
Article
Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core
by Juan Manuel Castelo Gómez, José Roldán Gómez, Javier Carrillo Mondéjar and José Luis Martínez Martínez
Entropy 2019, 21(12), 1141; https://doi.org/10.3390/e21121141 - 22 Nov 2019
Cited by 5 | Viewed by 6522
Abstract
The increase in the number of cybersecurity incidents in which internet of things (IoT) devices are involved has called for an improvement in the field of computer forensics, which needs to provide techniques in order to perform complete and efficient investigations in this [...] Read more.
The increase in the number of cybersecurity incidents in which internet of things (IoT) devices are involved has called for an improvement in the field of computer forensics, which needs to provide techniques in order to perform complete and efficient investigations in this new environment. With the aim of doing so, new devices and systems are being studied in order to offer guidelines for investigators on how to examine them. This papers follows this approach and presents a forensic analysis of the non-volatile memory of Windows 10 IoT Core. It details how the investigation should be performed and highlights the relevant information that can be extracted from storage. In addition, a tool for the automation of the retrieval of the pieces of evidence detected is provided. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

19 pages, 880 KiB  
Article
A Framework to Secure the Development and Auditing of SSL Pinning in Mobile Applications: The Case of Android Devices
by Francisco José Ramírez-López, Ángel Jesús Varela-Vaca, Jorge Ropero, Joaquín Luque and Alejandro Carrasco
Entropy 2019, 21(12), 1136; https://doi.org/10.3390/e21121136 - 21 Nov 2019
Cited by 7 | Viewed by 7757
Abstract
The use of mobile devices has undergone rapid growth in recent years. However, on some occasions, security has been neglected when developing applications. SSL/TLS has been used for years to secure communications although it is not a vulnerability-free protocol. One of the most [...] Read more.
The use of mobile devices has undergone rapid growth in recent years. However, on some occasions, security has been neglected when developing applications. SSL/TLS has been used for years to secure communications although it is not a vulnerability-free protocol. One of the most common vulnerabilities is SSL pinning bypassing. This paper first describes some security controls to help protect against SSL pinning bypassing. Subsequently, some existing methods for bypassing are presented and two new methods are defined. We performed some experiments to check the use of security controls in widely used applications, and applied SSL pinning bypassing methods. Finally, we created an applicability framework, relating the implemented security controls and the methods that are applicable. This framework provides a guideline for pentesters and app developers. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

40 pages, 1488 KiB  
Article
A Comprehensive Study of the Key Enumeration Problem
by Ricardo Villanueva-Polanco
Entropy 2019, 21(10), 972; https://doi.org/10.3390/e21100972 - 5 Oct 2019
Cited by 7 | Viewed by 2990
Abstract
In this paper, we will study the key enumeration problem, which is connected to the key recovery problem posed in the cold boot attack setting. In this setting, an attacker with physical access to a computer may obtain noisy data of a cryptographic [...] Read more.
In this paper, we will study the key enumeration problem, which is connected to the key recovery problem posed in the cold boot attack setting. In this setting, an attacker with physical access to a computer may obtain noisy data of a cryptographic secret key of a cryptographic scheme from main memory via this data remanence attack. Therefore, the attacker would need a key-recovery algorithm to reconstruct the secret key from its noisy version. We will first describe this attack setting and then pose the problem of key recovery in a general way and establish a connection between the key recovery problem and the key enumeration problem. The latter problem has already been studied in the side-channel attack literature, where, for example, the attacker might procure scoring information for each byte of an Advanced Encryption Standard (AES) key from a side-channel attack and then want to efficiently enumerate and test a large number of complete 16-byte candidates until the correct key is found. After establishing such a connection between the key recovery problem and the key enumeration problem, we will present a comprehensive review of the most outstanding key enumeration algorithms to tackle the latter problem, for example, an optimal key enumeration algorithm (OKEA) and several nonoptimal key enumeration algorithms. Also, we will propose variants to some of them and make a comparison of them, highlighting their strengths and weaknesses. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

15 pages, 314 KiB  
Article
Towards Quantum-Secured Permissioned Blockchain: Signature, Consensus, and Logic
by Xin Sun, Mirek Sopek, Quanlong Wang and Piotr Kulicki
Entropy 2019, 21(9), 887; https://doi.org/10.3390/e21090887 - 12 Sep 2019
Cited by 44 | Viewed by 8316
Abstract
While Blockchain technology is universally considered as a significant technology for the near future, some of its pillars are under a threat of another thriving technology, Quantum Computing. In this paper, we propose important safeguard measures against this threat by developing a framework [...] Read more.
While Blockchain technology is universally considered as a significant technology for the near future, some of its pillars are under a threat of another thriving technology, Quantum Computing. In this paper, we propose important safeguard measures against this threat by developing a framework of a quantum-secured, permissioned blockchain called Logicontract (LC). LC adopts a digital signature scheme based on Quantum Key Distribution (QKD) mechanisms and a vote-based consensus algorithm to achieve consensus on the blockchain. The main contribution of this paper is in the development of: (1) unconditionally secure signature scheme for LC which makes it immune to the attack of quantum computers; (2) scalable consensus protocol used by LC; (3) logic-based scripting language for the creation of smart contracts on LC; (4) quantum-resistant lottery protocol which illustrates the power and usage of LC. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

17 pages, 2006 KiB  
Article
Coin.AI: A Proof-of-Useful-Work Scheme for Blockchain-Based Distributed Deep Learning
by Alejandro Baldominos and Yago Saez
Entropy 2019, 21(8), 723; https://doi.org/10.3390/e21080723 - 25 Jul 2019
Cited by 55 | Viewed by 11097
Abstract
One decade ago, Bitcoin was introduced, becoming the first cryptocurrency and establishing the concept of “blockchain” as a distributed ledger. As of today, there are many different implementations of cryptocurrencies working over a blockchain, with different approaches and philosophies. However, many of them [...] Read more.
One decade ago, Bitcoin was introduced, becoming the first cryptocurrency and establishing the concept of “blockchain” as a distributed ledger. As of today, there are many different implementations of cryptocurrencies working over a blockchain, with different approaches and philosophies. However, many of them share one common feature: they require proof-of-work to support the generation of blocks (mining) and, eventually, the generation of money. This proof-of-work scheme often consists in the resolution of a cryptography problem, most commonly breaking a hash value, which can only be achieved through brute-force. The main drawback of proof-of-work is that it requires ridiculously large amounts of energy which do not have any useful outcome beyond supporting the currency. In this paper, we present a theoretical proposal that introduces a proof-of-useful-work scheme to support a cryptocurrency running over a blockchain, which we named Coin.AI. In this system, the mining scheme requires training deep learning models, and a block is only mined when the performance of such model exceeds a threshold. The distributed system allows for nodes to verify the models delivered by miners in an easy way (certainly much more efficiently than the mining process itself), determining when a block is to be generated. Additionally, this paper presents a proof-of-storage scheme for rewarding users that provide storage for the deep learning models, as well as a theoretical dissertation on how the mechanics of the system could be articulated with the ultimate goal of democratizing access to artificial intelligence. Full article
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
Show Figures

Figure 1

Back to TopTop