SBLWT A Secure Blockchain Lightweight Wallet Based on
SBLWT: A Secure Blockchain Lightweight Wallet Based on Trustzone Source : IEEE Access, Vol. 6, pp. 40638 -40648, July 2018 Authors : Weiqi Dai, Jun Deng, Qinyuan Wang, Changze Cui, Deqing Zou, and Hai Jin Speaker : Fengyu Chiu Date : 2019/1/3 1
Outline • • • Introduction Preliminaries Proposed scheme Security analysis Performance analysis Conclusions 2
Introduction(1/2) Ø Hardware-based wallet Ø Software-based wallet Digital currency Stagefright Ø simplied payment verication (SPV) wallet MMS(Multimedia Messaging Service) 3
Introduction(2/2) Ø SPV Hash Detail information Merkle route Tx-hash SPV node Transaction Merkle root Full node = ? Block header merkle root 4
Preliminaries –Blockchain(1/3) $10 Amanda Book Bob • Decentralization • Immutability 5
Preliminaries –Blockchain and merkle tree(2/3) Block header Prev hash Nonce Merkle root Timestamp Hash 01 Hash 0 Tx 0 Hash 1 Tx 1 Hash 23 Hash 2 Tx 2 Hash 3 Tx 3 6
Preliminaries –Trustzone(3/3) 7
Proposed scheme – Framework of SBLWT 8
Proposed scheme – Secure booting Secure Execution Environment Normal bootloader Secure OS boot Normal OS boot Flash Device bootloader Integrity SBLWT System running ROM SOC bootloader Device power on 9
Proposed scheme – Reliable switching NMI (Non-Maskable Interrupt) Secure Execution Environment Normal Execution Environment NMI Rich OS Secure OS SBLWT Non-secure storage Secure storage Encrypted Block headers , private key and address 10
Proposed scheme – Secure keys and reliable addresses Private key Secp 256 k 1 Public key Double hash Ø Attackers Address Base 58 Check 0, O, I, l, +, / The hash of Public key 11
Proposed scheme – Secure sync and verification 12
Proposed scheme – Secure sync and verification 13
Security analysis Integrity • SBLWT Information leakage NMI 14
Performance analysis(1/3) 1 2 3 4 Module prikey generate Address generate sync verification lines 543 309 1037 559 Ø The detail TCB of SBLWT 1 2 3 4 5 Operations Times Environment switching 1. 7 us read(1 KB) 2 ms write(1 KB) 12 ms SBLWB check 1. 54 ms Information cleanup 0. 521 ms Ø Some overheads of SBLWT 15
Performance analysis(2/3) Ø SHA-256 speed comparision 16
Performance analysis(3/3) Normal SPV wallet SBLWT start 1. 387 s 1. 443 s verification 2. 283 ms 3. 137 ms Ø SBLWT’s start and verify overhead comparision 17
Conclusions Ø Trustzone Ø Confidentiality and integrity 18
- Slides: 18