Research Article
Duck Attack on Accountable Distributed Systems
@INPROCEEDINGS{10.4108/eai.7-11-2017.2273615, author={Amrit Kumar and Pascal Lafourcade and C\^{e}dric Lauradoux}, title={Duck Attack on Accountable Distributed Systems}, proceedings={14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services}, publisher={ACM}, proceedings_a={MOBIQUITOUS}, year={2018}, month={4}, keywords={accountability secure log public verifiability}, doi={10.4108/eai.7-11-2017.2273615} }
- Amrit Kumar
Pascal Lafourcade
Cédric Lauradoux
Year: 2018
Duck Attack on Accountable Distributed Systems
MOBIQUITOUS
ACM
DOI: 10.4108/eai.7-11-2017.2273615
Abstract
Accountability plays a key role in dependable distributed systems. It allows to detect, isolate and churn malicious/selfish nodes that deviate from a prescribed protocol. To achieve these properties, several accountable systems use at their core cryptographic primitives that produce non-repudiable evidence of inconsistent or incorrect behavior.
In this paper, we show how selfish and colluding nodes can exploit the use of cryptographic digests in accountability protocols to mount what we call a duck attack. In a duck attack, selfish and colluding nodes exploit the use of cryptographic digests to alter the transmission of messages while masquerading as honest entities. The end result is that their selfish behavior remains undetected. This undermines the security guarantees of the accountability protocols.
We first discover the duck attack while analyzing PAG --- a custom cryptographic protocol to build accountable systems presented at ICDCS 2016. We later discover that accountable distributed systems based on a secure log (essentially a hash-based data structure) are also vulnerable to the duck attack and apply it on AcTinG --- a protocol presented at SRDS 2014. To defeat our attack, we modify the underlying secure log to have high-order dependency on the messages stored in it.