Blockchain Networks Privacy: History
Please note this is an old version of this entry, which may differ significantly from the current revision.
Contributor:

One of the most widely researched areas in the field of blockchain networks is the domain of preserving blockchain privacy. The reason being the growing concern of several industries and business enterprises to protect their data and trade secrets from unauthorized access. 

  • anonymity
  • confidentiality
  • blockchain privacy
  • privacy precision
  • smart contracts
  • cryptography
  • privacy attributes
  • privacy risks

1. Introduction

Hiding the contents of a transaction keeps blockchain data privacy intact. Data privacy is also referred to as confidentiality. At the most basic level, the data contents in a transaction are usually encrypted to maintain confidentiality in the network. Maintaining data confidentiality ensures that the transaction contents are free from unauthorized accessing, meddling and altering.

We extensively studied evaluation criteria adopted in various blockchain based privacy solutions for analysis. Using the literary evidence, researchers show that the evaluation is done mainly based on performance and proof of concept. However, researchers argue that such analysis is not sufficient to evaluate the privacy provided by a technology merely based on system performance, computational cost, and time and hence a proper framework with different criteria and parameters must be introduced for the evaluation. Therefore, researchers come to our third major contribution which is mentioned next.

To support the argument, researchers further present a framework with around 10 different criteria and sub-criteria, divided as privacy attributes and risks, that can effectively evaluate and quantify any blockchain based privacy solution irrespective of its category. With this, researchers also introduce the concept of privacy precision that is the empirical value calculated based on the efficiency of chosen parameters. This empirical value, ranging from 0 to 1, quantifies the degree of privacy provided by a solution.

2. Componential Classification of Blockchain Privacy Protecting Techniques

In today’s era, data is constantly being generated at a significant pace [31]. This significant generation of data from several sources demands secure and reliable storage and exchange systems. Usually, the data is stored on cloud servers, however, this brings new concerns regarding data privacy, duplication and fine-grained access control [32], to the forefront. Thus, the technology of blockchain is being explored and utilized in various applications to investigate its effect and impact on record storage management and communication systems.

Besides maintaining information security properties, encryption has greater benefits to offer in the domain of blockchain privacy for various applications. A number of research articles, nowadays, are working on searching encrypted data stored in blockchain, while preserving the privacy of the data. This technique is known as searchable encryption. This kind of encryption is used to protect privacy and authenticity of data when enterprises store their sensitive records in external data centers [55]. Some studies [56] use single word searches while other advanced studies [57] present effective mechanisms to enable multi-keyword searches on the encrypted data in blockchains. Protecting data privacy using searchable encryption is a great concept but it is out of the scope of this manuscript since it covers blockchain fundamental privacy issues. Interested readers may refer to [57] for further study on the subject.

One of the most significant and prized features of blockchains is immutability [59]. Immutability simply refers to ensuring that the records in the chain have not been tampered with. This property of blockchain validates the integrity and truthfulness of the data in the chain.

Smart contracts are digital contracts consisting of rules and regulations, mutually agreed upon by all the parties in a decentralized network [77]. They are self-executing programs which run automatically and are tamper-proof. They are written in high-level programming languages and allow the developers along with the users to express complex behavioral requirements and patterns. The recent developments in the technology of blockchain networks revived the perception and enabled the formation of smart contracts that were originally envisioned by Szabo in 1994. Smart contracts are a significant part of the blockchains as they ensure simple business trading among two mutually distrusting parties without the intervention of any third intermediary. It allows disintermediation in the blockchains which is one of the technology’s key features. Moreover, the correct use of smart contracts can ensure added security to the blockchain transactions. However, ensuring the correctness of the contracts is a challenging task because of the vulnerabilities of computer programs to the faults and failures [78].

3. Identification and Discussion on Evaluation Parameters and Criteria for Blockchain Privacy Preserving Techniques

Due to the technology of blockchain having huge privacy concerns, extensive research is being conducted into this domain. Following which, numerous privacy-preserving solutions have been proposed in literature. In previous sections, we discussed those solutions in detail and in this section, we investigated and presented the state-of-the-art methods, parameters, and metrics to evaluate the degree of privacy provided by these solutions. Numerous privacy-preserving solutions were comprehensively examined to analyze underlying experimental infrastructure utilized for the evaluation, the evaluation parameters used for performance analysis followed by the nature of the solution i.e., if it is a fundamental privacy solution or applied. The fundamental solution refers to the privacy preserving solutions that strengthen the blockchain privacy whereas the applied solution corresponds to solutions that leverage blockchain for strengthening privacy in other application scenarios. The findings are summarized in Table 1.

Table 1. Summary of state-of-the-art blockchain privacy evaluation parameters.
Study Experimental Infrastructure Evaluation Criteria/Parameters Fundamental/Applied
[106] Mining Nodes: 20
Wallet Nodes: 20
Transaction Frequency: 5 s
Consensus: Proof of Work
Arduino MKR1000 32-bit
ARM Cortex-M0 + MCU
32 KB of SRAM and 256 KB of flash
Raspberry Pi Zero W with a 1 GHz single-core CPU and 512 MB RAM
Request Processing Time
Transaction Size
Block Creation Time
Applied (Pervasive Computing)
[107] Programming Language: R-Programming Language
System Software: Ubuntu 18.04 LTS with GPU Quadro P6000
RAM: 32-GB
Privacy-Level Index (Pindex)
Dissimilarity level (DISS)
Information Loss
Accuracy
FAR
Applied (Smart Power Networks)
[108] Three test chains, (Kylin, Jungle, Local), Blockchain, Cloud were used.
Over 100 tests performed
Alibaba Cloud 2 core
RAM: 8 GB
Storage: 100 G
System Software: Ubuntu 16.04
Authorization Time,
Throughput vs. Delay
Time Overhead
Hash Cost Overhead
Applied (Cloud Access Control)
[25] Programming Language: Solidity
Test net: Rinkeby (Ethereum), Geth
Processor: Intel Core i7
Clock: 2.7 GHz
RAM: 16 GB
Gas Cost
Time Overhead
Fundamental
[76] Multiple machines used for experiments.
Machine 1:
Processor: Intel Core i7-2620M Clock: 2.70 GHz
RAM: 12 GB
Machine 2:
Processor: Intel Core i7-4770 Clock: 3.40 GHz
RAM: 16 GB
Key Generation Time
Key Size
Proof Size
Block Verification Time
Transaction Latency
Block Propagation Time
Setup Time
Fundamental
[109] System Software: Ubuntu 16.04
Processor: Intel Core i5-6200U
Clock: 2.3 GHz
RAM: 8 GB We used the Programming: BouncyCastle’s Java library for Curve 25519
Protocol Run Time
Ring Size
Fundamental
[23] Amazon EC2 r3.8xlarge Virtual Machine
RAM: 27 GB
Key Generation Time
Proving Time
Verification Time
Evaluation Key Size
Proof Size
Verifier Key Size
Fundamental
[110] Operating System: Ubuntu 18.04
Processor: Intel Core i7
Clock: 2.9 GHz
RAM: 8 GB
Testnet: Hyperledger Caliper
Multiple Phase Experiments
Experimental Rounds/Phase: 30
Throughput
Latency
Time
Send Rate
Applied (IoT Data Sharing in Smart Cities)
[82] Contracts Programming: Solidity
Off-chain Signature Programming: JavaScript
Testnet: Kovan, Ethereum
Gas Cost Fundamental

From the table, it is evident that most of the evaluations are based on time, throughput, and memory required. All these parameters are dependent on computational resources. This means that the better the hardware machine used, the better will be the performance of the evaluated technique. None of these parameters take into account the level of privacy provided by a solution. When Bitcoin [15], Ring CT [109], Zerocash [76] were introduced, each of these claimed to provide privacy protection to user identity and user assets. The performance results given also depicted the same. However, the attacks [13,111,112,113,114] in later studies showed the vulnerabilities in proposed solutions, which when exploited, deanonymized the users for up to 90%. This is a highly significant number. Therefore, that makes it remarkably clear that computational performance-based experiments and proof-of-concept are not sufficient to judge the efficiency of a privacy preserving solution. This implies that more factors or parameters should be considered for evaluation. Another finding that we inferred from the survey is elaborated in deduction 4 given below:

Another discovery to be highlighted here, is that most of the privacy preserving frameworks are deployed using Ethereum [115] platform with Solidity [116] as programming language and tested using official Ethereum test networks. This means that Ethereum is a better platform when it comes to programming privacy related applications.

4. Novel Framework for Empirical Evaluation of Privacy Efficiency in Blockchains Based on Identified Parameters

To evaluate the solution, we will calculate privacy precision of each solution. To do so, we divided the surveyed factors in two categories, i.e., privacy attributes and privacy risks. Privacy attributes consist of the factors that strengthen the privacy if present in a solution whereas privacy risks correspond to weaknesses of a solution, i.e., the risks that the solution is vulnerable to. Next, we use these attributes and risks to analyze privacy preserving solutions with different perspectives and collectively calculate its worth as a numeric value. The evaluation framework is elaborated in subsequent sections.

After normalized attribute values have been achieved, the normalized privacy attribute vector will be: (15) R n → = R n 1,R n 2,  … ,R n 4

Practically a solution cannot provide all privacy features and the maximum privacy protection is not feasible. Similarly, the maximum risk cannot be assigned to a privacy-preserving solution. We have the minimum privacy resultant ( −4) when a solution leaves all privacy risks and has no privacy feature. In a similar fashion, the maximum privacy resultant (12) is achieved when a solution offers all privacy features with no privacy risk. It is worth noting that these values are based on the criteria introduced in Table 1 and Table 2 and will be changed if other criterion weighing scales are used.

Table 2. Privacy attributes.
Privacy Attributes (Ai) Total Evaluators (ET) Evaluators (Ei) Weight (Wi) Proportionality (R)
Encryption 3 Encryption Time 3 −1
Memory Utilization −1
Throughput 1
Transactional Anonymity 2 Time 2 −1
Space (Memory) −1
Pseudonymous ID 2 Key Length 2 1
Cipher Algorithm 1
Anonymity Group 1 Group Size 3 1
IP Protection 1 Percentage of nodes accessing transaction traffic 2 −1
Max Weight     12  

Thus, the final value of Privacy Precision will range from 0 to 1. The grading model defined for the framework is shown in Table 3 . Here, we define three (03) grades, namely, poor, good and excellent. Any solution that achieves less than 0.3 precision score is termed as poor, this is because such a low value represents that a solution either has insufficient number of privacy features to make it strong or it is prone to privacy breaching risks. In both the cases, solution is inefficient. For any solution that has a privacy precision of more than 0.3 but less than 0.6, the solution is considered as a good or fair solution as it contains moderately efficient features and has more resilience against the privacy breaching attacks. Finally, any solution that has a privacy precision of more than 0.6, is termed as an excellent solution. Such solutions are scalable, computationally intensive, and preserve privacy to a greater extent. A privacy preserving solution having precision score of 1 has all the features of privacy and no associated risks, hence it provides complete anonymity and confidentiality in blockchain transactions.

Table 3. Privacy precision grading model.
Grading Precision Value
Poor 0 ≤ Precision ≤ 0.3
Good 0.31 ≤ Precision ≤ 0.6
Excellent 0.61 ≤ Precision ≤ 1

This entry is adapted from the peer-reviewed paper 10.3390/app11157013

This entry is offline, you can click here to edit this entry!