Position innerhalb des Seitenbaumes

Start
Team
Graf, Mike

Mike Graf

Herr Dipl.-Math.

Ph.D. Student
Institute of Information Security

Kontakt

+49 711 685 60736
E-Mail

Universitaetsstrasse 38
70569 Stuttgart
Germany
Raum: 2.418

Publikationen

2023
1. Mike Graf, Ralf Küsters, und Daniel Rausch, „AUC: Accountable Universal Composability“, in IEEE Symposium on Security and Privacy (S&P 2023), 2023, S. 1148--1167.
  Zusammenfassung
  Accountability is a well-established and widely used security concept that allows for obtaining undeniable cryptographic proof of misbehavior, thereby incentivizing honest behavior. There already exist several general purpose accountability frameworks for formal game-based security analyses. Unfortunately, such game-based frameworks do not support modular security analyses, which is an important tool to handle the complexity of modern protocols. Universal composability (UC) models provide native support for modular analyses, including re-use and composition of security results. So far, accountability has mainly been modeled and analyzed in UC models for the special case of MPC protocols, with a general purpose accountability framework for UC still missing. That is, a framework that among others supports arbitrary protocols, a wide range of accountability properties, handling and mixing of accountable and non-accountable security properties, and modular analysis of accountable protocols. To close this gap, we propose AUC, the first general purpose accountability framework for UC models, which supports all of the above, based on several new concepts. We exemplify AUC in three case studies not covered by existing works. In particular, AUC unifies existing UC accountability approaches within a single framework.
  BibTeX
  @inproceedings{GrafKuestersRausch-SP-2023, abstract = {Accountability is a well-established and widely used security concept that allows for obtaining undeniable cryptographic proof of misbehavior, thereby incentivizing honest behavior. There already exist several general purpose accountability frameworks for formal game-based security analyses. Unfortunately, such game-based frameworks do not support modular security analyses, which is an important tool to handle the complexity of modern protocols. Universal composability (UC) models provide native support for modular analyses, including re-use and composition of security results. So far, accountability has mainly been modeled and analyzed in UC models for the special case of MPC protocols, with a general purpose accountability framework for UC still missing. That is, a framework that among others supports arbitrary protocols, a wide range of accountability properties, handling and mixing of accountable and non-accountable security properties, and modular analysis of accountable protocols. To close this gap, we propose AUC, the first general purpose accountability framework for UC models, which supports all of the above, based on several new concepts. We exemplify AUC in three case studies not covered by existing works. In particular, AUC unifies existing UC accountability approaches within a single framework.}, author = {Graf, Mike and K{\"u}sters, Ralf and Rausch, Daniel}, booktitle = {{IEEE} Symposium on Security and Privacy (S{\&}P 2023)}, doi = {10.1109/SP46215.2023.10179384}, pages = {1148--1167}, publisher = {{IEEE}}, title = {{AUC: Accountable Universal Composability}}, url = {https://publ.sec.uni-stuttgart.de/grafkuestersrausch-sp-2023.pdf}, year = 2023 }
  Link
  https://publ.sec.uni-stuttgart.de/grafkuestersrausch-sp-2023.pdf
2022
1. Mike Graf, Ralf Küsters, und Daniel Rausch, „AUC: Accountable Universal Composability“, Cryptology ePrint Archive, Technical Report 2022/1606, 2022.
  Zusammenfassung
  Accountability is a well-established and widely used security concept that allows for obtaining undeniable cryptographic proof of misbehavior, thereby incentivizing honest behavior. There already exist several general purpose accountability frameworks for formal game-based security analyses. Unfortunately, such game-based frameworks do not support modular security analyses, which is an important tool to handle the complexity of modern protocols. Universal composability (UC) models provide native support for modular analyses, including re-use and composition of security results. So far, accountability has mainly been modeled and analyzed in UC models for the special case of MPC protocols, with a general purpose accountability framework for UC still missing. That is, a framework that among others supports arbitrary protocols, a wide range of accountability properties, handling and mixing of accountable and non-accountable security properties, and modular analysis of accountable protocols. To close this gap, we propose AUC, the first general purpose accountability framework for UC models, which supports all of the above, based on several new concepts. We exemplify AUC in three case studies not covered by existing works. In particular, AUC unifies existing UC accountability approaches within a single framework.
  BibTeX
  @techreport{GrafKuestersRausch-IACR-2022, abstract = {Accountability is a well-established and widely used security concept that allows for obtaining undeniable cryptographic proof of misbehavior, thereby incentivizing honest behavior. There already exist several general purpose accountability frameworks for formal game-based security analyses. Unfortunately, such game-based frameworks do not support modular security analyses, which is an important tool to handle the complexity of modern protocols. Universal composability (UC) models provide native support for modular analyses, including re-use and composition of security results. So far, accountability has mainly been modeled and analyzed in UC models for the special case of MPC protocols, with a general purpose accountability framework for UC still missing. That is, a framework that among others supports arbitrary protocols, a wide range of accountability properties, handling and mixing of accountable and non-accountable security properties, and modular analysis of accountable protocols. To close this gap, we propose AUC, the first general purpose accountability framework for UC models, which supports all of the above, based on several new concepts. We exemplify AUC in three case studies not covered by existing works. In particular, AUC unifies existing UC accountability approaches within a single framework.}, author = {Graf, Mike and K{\"u}sters, Ralf and Rausch, Daniel}, institution = {Cryptology ePrint Archive}, number = {2022/1606}, title = {{AUC: Accountable Universal Composability}}, type = {Technical Report}, url = {https://publ.sec.uni-stuttgart.de/grafkuestersrausch-iacr-2022.pdf}, year = 2022 }
  Link
  https://publ.sec.uni-stuttgart.de/grafkuestersrausch-iacr-2022.pdf
2021
1. Mike Graf, Daniel Rausch, Viktoria Ronge, Christoph Egger, Ralf Küsters, und Dominique Schröder, „A Security Framework for Distributed Ledgers“, in ACM Conference on Computer and Communications Security (CCS 2021), 2021, S. 1043--1064.
  Zusammenfassung
  In the past few years blockchains have been a major focus for security research, resulting in significant progress in the design, formalization, and analysis of blockchain protocols. However, the more general class of distributed ledgers, which includes not just blockchains but also prominent non-blockchain protocols, such as Corda and OmniLedger, cannot be covered by the state-of-the-art in the security literature yet. These distributed ledgers often break with traditional blockchain paradigms, such as block structures to store data, system-wide consensus, or global consistency. In this paper, we close this gap by proposing the first framework for defining and analyzing the security of general distributed ledgers, with an ideal distributed ledger functionality at the core of our contribution. This functionality covers not only classical blockchains but also non-blockchain distributed ledgers in a unified way. To illustrate our ledger functionality, we first show that the prominent ideal blockchain functionalities from Badertscher et al. and its privacy preserving derivative from Kerber et al. realize (suitable instantiations of) our functionality, which precisely captures their security properties. This immediately implies that their respective implementations, including Bitcoin, Ouroboros Genesis, and Ouroboros Crypsinous, realize our ideal ledger functionality as well. Secondly, we demonstrate that our ideal ledger functionality is capable of precisely modeling also non-blockchain distributed ledgers by performing the first formal security analysis of such a distributed ledger, namely the prominent Corda protocol. Due to the wide spread use of Corda in the industry, in particular the financial sector, this analysis is of independent interest. These results also illustrate that our ideal ledger functionality not just generalizes the modular treatment of blockchains to distributed ledgers, but moreover helps to unify existing results.
  BibTeX
  @inproceedings{GrafRauschRongeEggerKuestersSchroeder-CCS-2021, abstract = {In the past few years blockchains have been a major focus for security research, resulting in significant progress in the design, formalization, and analysis of blockchain protocols. However, the more general class of distributed ledgers, which includes not just blockchains but also prominent non-blockchain protocols, such as Corda and OmniLedger, cannot be covered by the state-of-the-art in the security literature yet. These distributed ledgers often break with traditional blockchain paradigms, such as block structures to store data, system-wide consensus, or global consistency. In this paper, we close this gap by proposing the first framework for defining and analyzing the security of general distributed ledgers, with an ideal distributed ledger functionality at the core of our contribution. This functionality covers not only classical blockchains but also non-blockchain distributed ledgers in a unified way. To illustrate our ledger functionality, we first show that the prominent ideal blockchain functionalities from Badertscher et al. and its privacy preserving derivative from Kerber et al. realize (suitable instantiations of) our functionality, which precisely captures their security properties. This immediately implies that their respective implementations, including Bitcoin, Ouroboros Genesis, and Ouroboros Crypsinous, realize our ideal ledger functionality as well. Secondly, we demonstrate that our ideal ledger functionality is capable of precisely modeling also non-blockchain distributed ledgers by performing the first formal security analysis of such a distributed ledger, namely the prominent Corda protocol. Due to the wide spread use of Corda in the industry, in particular the financial sector, this analysis is of independent interest. These results also illustrate that our ideal ledger functionality not just generalizes the modular treatment of blockchains to distributed ledgers, but moreover helps to unify existing results.}, author = {Graf, Mike and Rausch, Daniel and Ronge, Viktoria and Egger, Christoph and K{\"u}sters, Ralf and Schr{\"o}der, Dominique}, booktitle = {{ACM Conference on Computer and Communications Security (CCS 2021)}}, doi = {10.1145/3460120.3485362}, pages = {1043--1064}, publisher = {{ACM}}, title = {{A Security Framework for Distributed Ledgers}}, url = {https://publ.sec.uni-stuttgart.de/grafrauschrongeeggerkuestersschroeder-ccs-2021.pdf}, year = 2021 }
  Link
  https://publ.sec.uni-stuttgart.de/grafrauschrongeeggerkuestersschroeder-ccs-2021.pdf
2. Mike Graf, Daniel Rausch, Viktoria Ronge, Christoph Egger, Ralf Küsters, und Dominique Schröder, „A Security Framework for Distributed Ledgers“, Cryptology ePrint Archive, Technical Report 2021/145, 2021.
  Zusammenfassung
  In the past few years blockchains have been a major focus for security research, resulting in significant progress in the design, formalization, and analysis of blockchain protocols. However, the more general class of distributed ledgers, which includes not just blockchains but also prominent non-blockchain protocols, such as Corda and OmniLedger, cannot be covered by the state-of-the-art in the security literature yet. These distributed ledgers often break with traditional blockchain paradigms, such as block structures to store data, system-wide consensus, or global consistency. In this paper, we close this gap by proposing the first framework for defining and analyzing the security of general distributed ledgers, with an ideal distributed ledger functionality at the core of our contribution. This functionality covers not only classical blockchains but also non-blockchain distributed ledgers in a unified way. To illustrate our ledger functionality, we first show that the prominent ideal blockchain functionalities from Badertscher et al. and its privacy preserving derivative from Kerber et al. realize (suitable instantiations of) our functionality, which precisely captures their security properties. This immediately implies that their respective implementations, including Bitcoin, Ouroboros Genesis, and Ouroboros Crypsinous, realize our ideal ledger functionality as well. Secondly, we demonstrate that our ideal ledger functionality is capable of precisely modeling also non-blockchain distributed ledgers by performing the first formal security analysis of such a distributed ledger, namely the prominent Corda protocol. Due to the wide spread use of Corda in the industry, in particular the financial sector, this analysis is of independent interest. These results also illustrate that our ideal ledger functionality not just generalizes the modular treatment of blockchains to distributed ledgers, but moreover helps to unify existing results.
  BibTeX
  @techreport{GrafRauschRongeEggerKuestersSchroeder-IACR-2021, abstract = {In the past few years blockchains have been a major focus for security research, resulting in significant progress in the design, formalization, and analysis of blockchain protocols. However, the more general class of distributed ledgers, which includes not just blockchains but also prominent non-blockchain protocols, such as Corda and OmniLedger, cannot be covered by the state-of-the-art in the security literature yet. These distributed ledgers often break with traditional blockchain paradigms, such as block structures to store data, system-wide consensus, or global consistency. In this paper, we close this gap by proposing the first framework for defining and analyzing the security of general distributed ledgers, with an ideal distributed ledger functionality at the core of our contribution. This functionality covers not only classical blockchains but also non-blockchain distributed ledgers in a unified way. To illustrate our ledger functionality, we first show that the prominent ideal blockchain functionalities from Badertscher et al. and its privacy preserving derivative from Kerber et al. realize (suitable instantiations of) our functionality, which precisely captures their security properties. This immediately implies that their respective implementations, including Bitcoin, Ouroboros Genesis, and Ouroboros Crypsinous, realize our ideal ledger functionality as well. Secondly, we demonstrate that our ideal ledger functionality is capable of precisely modeling also non-blockchain distributed ledgers by performing the first formal security analysis of such a distributed ledger, namely the prominent Corda protocol. Due to the wide spread use of Corda in the industry, in particular the financial sector, this analysis is of independent interest. These results also illustrate that our ideal ledger functionality not just generalizes the modular treatment of blockchains to distributed ledgers, but moreover helps to unify existing results.}, author = {Graf, Mike and Rausch, Daniel and Ronge, Viktoria and Egger, Christoph and K{\"u}sters, Ralf and Schr{\"o}der, Dominique}, institution = {Cryptology ePrint Archive}, number = {2021/145}, title = {{A Security Framework for Distributed Ledgers}}, type = {Technical Report}, url = {https://publ.sec.uni-stuttgart.de/grafrauschrongeeggerkuestersschroeder-iacr-2021.pdf}, year = 2021 }
  Link
  https://publ.sec.uni-stuttgart.de/grafrauschrongeeggerkuestersschroeder-iacr-2021.pdf
2020
1. Mike Graf, Ralf Küsters, und Daniel Rausch, „Accountability in a Permissioned Blockchain: Formal Analysis of Hyperledger Fabric“, in IEEE European Symposium on Security and Privacy (EuroS&P 2020), 2020, S. 236--255.
  Zusammenfassung
  While accountability is a well-known concept in distributed systems and cryptography, in the literature on blockchains (and, more generally, distributed ledgers) the formal treatment of accountability has been a blind spot: there does not exist a formalization let alone a formal proof of accountability for any blockchain yet. Therefore, in this work we put forward and propose a formal treatment of accountability in this domain. Our goal is to formally state and prove that if in a run of a blockchain a central security property, such as consistency, is not satisfied, then misbehaving parties can be identified and held accountable. Accountability is particularly useful for permissioned blockchains where all parties know each other, and hence, accountability incentivizes all parties to behave honestly. We exemplify our approach for one of the most prominent permissioned blockchains: Hyperledger Fabric in its most common instantiation.
  BibTeX
  @inproceedings{GrafKuestersRausch-EuroSP-2020, abstract = {While accountability is a well-known concept in distributed systems and cryptography, in the literature on blockchains (and, more generally, distributed ledgers) the formal treatment of accountability has been a blind spot: there does not exist a formalization let alone a formal proof of accountability for any blockchain yet. Therefore, in this work we put forward and propose a formal treatment of accountability in this domain. Our goal is to formally state and prove that if in a run of a blockchain a central security property, such as consistency, is not satisfied, then misbehaving parties can be identified and held accountable. Accountability is particularly useful for permissioned blockchains where all parties know each other, and hence, accountability incentivizes all parties to behave honestly. We exemplify our approach for one of the most prominent permissioned blockchains: Hyperledger Fabric in its most common instantiation.}, author = {Graf, Mike and K{\"u}sters, Ralf and Rausch, Daniel}, booktitle = {{IEEE} European Symposium on Security and Privacy (EuroS{\&}P 2020)}, doi = {10.1109/EuroSP48549.2020.00023}, pages = {236--255}, publisher = {{IEEE}}, title = {{Accountability in a Permissioned Blockchain: Formal Analysis of Hyperledger Fabric}}, url = {https://publ.sec.uni-stuttgart.de/grafkuestersrausch-eurosp-2020.pdf}, year = 2020 }
  Link
  https://publ.sec.uni-stuttgart.de/grafkuestersrausch-eurosp-2020.pdf
2. Mike Graf, Ralf Küsters, und Daniel Rausch, „Accountability in a Permissioned Blockchain: Formal Analysis of Hyperledger Fabric“, Cryptology ePrint Archive, Technical Report 2020/386, 2020.
  Zusammenfassung
  While accountability is a well-known concept in distributed systems and cryptography, in the literature on blockchains (and, more generally, distributed ledgers) the formal treatment of accountability has been a blind spot: there does not exist a formalization let alone a formal proof of accountability for any blockchain yet. Therefore, in this work we put forward and propose a formal treatment of accountability in this domain. Our goal is to formally state and prove that if in a run of a blockchain a central security property, such as consistency, is not satisfied, then misbehaving parties can be identified and held accountable. Accountability is particularly useful for permissioned blockchains where all parties know each other, and hence, accountability incentivizes all parties to behave honestly. We exemplify our approach for one of the most prominent permissioned blockchains: Hyperledger Fabric in its most common instantiation.
  BibTeX
  @techreport{GrafKuestersRausch-IACR-2020, abstract = {While accountability is a well-known concept in distributed systems and cryptography, in the literature on blockchains (and, more generally, distributed ledgers) the formal treatment of accountability has been a blind spot: there does not exist a formalization let alone a formal proof of accountability for any blockchain yet. Therefore, in this work we put forward and propose a formal treatment of accountability in this domain. Our goal is to formally state and prove that if in a run of a blockchain a central security property, such as consistency, is not satisfied, then misbehaving parties can be identified and held accountable. Accountability is particularly useful for permissioned blockchains where all parties know each other, and hence, accountability incentivizes all parties to behave honestly. We exemplify our approach for one of the most prominent permissioned blockchains: Hyperledger Fabric in its most common instantiation.}, author = {Graf, Mike and K{\"{u}}sters, Ralf and Rausch, Daniel}, institution = {Cryptology ePrint Archive}, number = {2020/386}, title = {{Accountability in a Permissioned Blockchain: Formal Analysis of Hyperledger Fabric}}, type = {Technical Report}, url = {https://publ.sec.uni-stuttgart.de/grafkuestersrausch-iacr-2020.pdf}, year = 2020 }
  Link
  https://publ.sec.uni-stuttgart.de/grafkuestersrausch-iacr-2020.pdf

Umfangreichere Informationen finden Sie auf unserer englischsprachigen Seite.

Mike Graf

Kontakt

Publikationen

2023

Zusammenfassung

BibTeX

Link

2022

Zusammenfassung

BibTeX

Link

2021

Zusammenfassung

BibTeX

Link

Zusammenfassung

BibTeX

Link

2020

Zusammenfassung

BibTeX

Link

Zusammenfassung

BibTeX

Link

Zielgruppe

Formalia

Services

Organisation

Mike Graf

Kontakt

Publikationen

2023

Zusammenfassung

BibTeX

Link

2022

Zusammenfassung

BibTeX

Link

2021

Zusammenfassung

BibTeX

Link

Zusammenfassung

BibTeX

Link

2020

Zusammenfassung

BibTeX

Link

Zusammenfassung

BibTeX

Link

So erreichen Sie uns

Zielgruppe

Formalia

Services

Organisation