TY - BOOK
AU - Khan, Kashif Mehboob
TI - Investigating and Countering Transaction Malleability Attacks in Blockchain Systems (PhD Thesis)
U1 - 005.8378242
PY - 2019///
CY - Karachi :
PB - NED University of Engineering and Technology Department of Computer and Information Systems Engineering,
KW - Transaction Malleability Thesis
KW - Blockchain Security Thesis
KW - Security Evaluation Thesis
KW - Electronic Data Interchange Security Measures Thesis
N1 - YN
N2 - Abstract : Blockchain technology has attracted significant attention, primarily due to its potential for achieving a trustworthy decentralized architecture through features such as a peer-to-peer network, public ledger management, and an auditable data structure for its transactions. The applications of blockchain are not limited to cryptocurrency but have influenced wider domains through self-accountability, auditability and transparency. However, blockchain technology has experienced serious challenges which exposed its limitations in mitigating undesired circumstances. Transaction malleability is one such challenge, whereby an attacker is able to introduce a malleable transaction into the blockchain by modifying an existing original transaction to produce a semantically similar malleable transaction. Transaction malleability has provided attackers a platform to put the largest public blockchain network, Bitcoin, under attack multiple times. Incidents such as the Mt. Gox crash (an exchange company) and the attack by BitClub on the Bitcoin blockchain are prominent examples of successful attempts. The challenge of addressing the transaction malleability problem in blockchain has been identified and addressed in the existing literature. These existing solutions have limitations in terms of weak cryptographic implementations, imposing too many constraints on the standard operation of the blockchain, and overconsumption of mining resources.
The research presented in the thesis investigates the transaction malleability attack within the blockchain fabric, agnostic of the application utilizing the technology. Specifically, it conducts a thorough investigation to develop a design-level solution (a novel provenance layer added to the blockchain fabric) which can proactively respond to a malleable transaction, preventing it from entering the main blockchain in a timely and resource-efficient manner. The proposed architecture has been evaluated using blockchain-based e-voting as an example application. The evaluation of the proposed scheme (on-chain implementation) showed a maximum of 30% improvement in response time to counter a malleable transaction as compared with contemporary blockchain infrastructure. Similarly, in the case of the off-chain implementation, a 50% improvement was observed in protecting against malleable transactions. The proposed solution was also assessed against a large number of transactions to assess its performance and resource consumption. The evaluation results demonstrated the performance overhead of the proposed solution to be insignificant whilst achieving proactive defence against the transaction malleability attack.
ER -