Journal of Internet of Things and Convergence (사물인터넷융복합논문지)

The Korea Internet of Things Society (한국사물인터넷학회)
권호 표지
DOI QR코드

DOI QR Code

A Scheme Reconfiguration of Whitelisting and Hyperledger Fabric for Cryptocurrency Integrity Transactions

암호화폐 무결성 거래를 위한 Whitelisting과 Hyperledger Fabric 재구성 기법

  • Su-An Jang (Division of Computer Engineering, Baek-seok University) ;
  • Keun-Ho Lee (Division of Computer Engineering, Baek-seok University)
  • 장수안 (백석대학교 컴퓨터공학부) ;
  • 이근호 (백석대학교 컴퓨터공학부)
  • Received : 2023.12.27
  • Accepted : 2024.01.28
  • Published : 2024.02.29
Download PDF
⟨ Previous Next ⟩

Abstract

To trade cryptocurrency, traders require a personal cryptocurrency wallet. Cryptocurrency itself using blockchain technology is guaranteed excellent security and reliability, so the threat of blockchain hacking is almost impossible, but the exchange environment used by traders for transactions is most subject to hacking threats. Even if transactions are made safely through blockchain during the transaction process, if the trader's wallet information itself is hacked, security cannot be secured in these processes. Exchange hacking is mainly done by stealing a trader's wallet information, giving the hacker access to the victim's wallet assets. In this paper, to prevent this, we would like to reconstruct the existing Hyperledger Fabric structure and propose a system that verifies the identity integrity of traders during the transaction process using whitelisting. The advantage is that through this process, damage to cryptocurrency assets caused by hackers can be prevented and recognized. In addition, we aim to point out and correct problems in the transaction process that may occur if the victim's wallet information is stolen from the existing Hyperledger Fabric.

암호화폐를 거래하기 위해서 거래자들은 개인의 암호화폐 지갑이 요구된다. 블록체인 기술을 활용한 암호화폐 그 자체는 우수한 보안성과 신뢰성을 보장받고 있어 블록체인 해킹 위협은 거의 불가능하지만, 거래자들이 거래를 위해 사용하는 거래소 환경에서 해킹 위협을 가장 많이 받고 있다. 거래 과정에서 블록체인을 통해 안전하게 거래가 이루어 진다 해도 거래자의 지갑 정보 자체가 해킹되면 이와 같은 과정들에서 보안을 확보할 수 없다. 거래소 해킹은 주로 거래자의 지갑 정보를 탈취함으로써, 해커가 피해자의 지갑 자산에 접근이 가능해지므로 이루어진다. 본 논문에서는 이를 방지하고자 기존 Hyperledger Fabric 구조를 재구성하고, Whitelisting을 활용하여 거래 과정에서 거래자의 신원 무결성을 검증하는 시스템을 제안하고자 한다. 해당 과정을 거쳐 해커에 의한 암호화폐 자산 피해를 방지하고 인지할 수 있다는 장점이 있다. 또한, 기존 Hyperledger Fabric에서 피해자의 지갑 정보가 탈취되었을 경우 발생할 수 있는 거래 과정의 문제점을 지적하고 이를 보완하고자 한다.

Keywords

References

  1. B. Hofmann, P. Kasinathan and M. Wimmer, "Towards achieving confidentiality in Hyperledger Fabric," in 2022 IEEE International Conference on Blockchain (Blockchain), pp.384-391, 2022.
  2. M. Graf, R. Kusters and D. Rausch, "Accountability in a Permissioned Blockchain: Formal Analysis of Hyperledger Fabric," 2020 IEEE European Symposium on Security and Privacy (EuroS&P), pp.236-255. 2020. 
  3. M. Kwon and H. Yu, "Performance Improvement of Ordering and Endorsement Phase in Hyperledger Fabric," 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS), pp.428-432, 2019. 
  4. L. Foschini, A. Gavagna, G. Martuscelli and R. Montanari, "Hyperledger Fabric Blockchain: Chaincode Performance Analysis," ICC 2020 - 2020 IEEE International Conference on Communications (ICC), pp.1-6, 2020. 
  5. Mohan M, Smitha and L. Sujihelen. "AN EFFICIENT CHAIN CODE FOR ACCESS CONTROL IN HYPER LEDGER FABRIC HEALTHCARE SYSTEM." e-Prime - Advances in Electrical Engineering, Electronics and Energy (2023). 
  6. D.J.Park, H.A.Song, H.S.Eom, S.M.Jeong, J.S.Park, and K.H.Yeom, "A Smart Contract Management System to Optimize Transactions in a Permissioned Blockchain," KIISE Transactions on Computing Practices, Vol.28, No.6, pp.360-365, 2022. https://doi.org/10.5626/KTCP.2022.28.6.360
  7. Ning Lu, Yongxin Zhang, Wenbo Shi, Saru Kumari, Kim-Kwang Raymond Choo, A secure and scalable data integrity auditing scheme based on hyperledger fabric, Computers & Security, Vol.92, 2020. 
  8. H. Sukhwani, J. M. Martinez, X. Chang, K. S. Trivedi and A. Rindos, "Performance Modeling of PBFT Consensus Process for Permissioned Blockchain Network (Hyperledger Fabric)," 2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS), pp.253-255, 2017. 
  9. Xiaojie Zhao, Shangping Wang, Yaling Zhang, Yu Wang, Attribute-based access control scheme for data sharing on hyperledger fabric, Journal of Information Security and Applications, Vol.67, 2022.
  10. L. Alashaikh, "Blockchain-Based Software Systems: Taxonomy Development," 2021 IEEE International Conference on Blockchain (Blockchain), pp.491-498. 2021. 
  11. U. Goel, DR. Sonanis, I. Rastogi, S. Lal and A. De, "Criticality Aware Orderer for Heterogeneous Transactions in Blockchain," 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), pp.1-4. 2020. 
  12. Vesely, A., "DNS Whitelist (DNSWL) Email Authentication Method Extension", RFC 8904, 2020. 
  13. Nureni Ayofe Azeez, Sanjay Misra, Ihotu Agbo Margaret, Luis Fernandez-Sanz, Shafi'i Muhammad Abdulhamid, Adopting automated whitelist approach for detecting phishing attacks, Computers & Security, Vol.108, 2021. 
  14. Yue Li, Mingcheng Xu, and Gaojian Xu. 2022. Blockchain-based mutual authentication protocol without CA. J. Supercomput. 78, 15, pp.17261-17283. 2022.  https://doi.org/10.1007/s11227-022-04558-5
  15. Sinha, A. and Sadhya, D. Decentralized Public Key Infrastructure with Identity Management using Hyperledger Fabric. In Proceedings of the 19th International Conference on Security and Cryptography-SECRYPT; SciTePress, pp.554-559, 2022.