%0 Conference Paper %1 BitcoinOffline2017 %A Dmitrienko, Alexandra %A Noack, David %A Yung, Moti %B ACM Conference on Information, Computer and Communications Security (AsiaCCS) %D 2017 %K International-Conference-Workshop-Papers-Book-Chapters myown %T Secure Wallet-Assisted Offline Bitcoin Payments with Double-Spender Revocation (distinguished paper award) %X Bitcoin seems to be the most successful cryptocurrency so far given the growing real life deployment and popularity.While Bitcoin requires clients to be online to perform trans-actions and a certain amount of time to verify them, there are many real life scenarios that demand for offline and immediate payments (e.g., mobile ticketing, vending machines,etc). However, offline payments in Bitcoin raise non-trivial security challenges, as the payee has no means to verify the received coins without having access to the Bitcoin network.Moreover, even online immediate payments are shown to be vulnerable to double-spending attacks.In this paper, we propose the first solution for Bitcoin payments, which enables secure payments with Bitcoin in offline settings and in scenarios where payments need to be immediately accepted. Our approach relies on an offline wallet and deploys several novel security mechanisms to prevent double-spending and to verify the coin validity in offline set-ting. These mechanisms achieve probabilistic security to guarantee that the attack probability is lower than the de-sired threshold. We provide a security and risk analysis as well as model security parameters for various adversaries.We further eliminate remaining risks by detection of misbehaving wallets and their revocation.We implemented our solution for mobile Android client sand instantiated an offline wallet using a microSD security card. Our implementation demonstrates that smooth integration over a very prevalent platform (Android) is possible,and that offline and online payments can practically co-exist.We also discuss alternative deployment approach for the offline wallet which does not leverage secure hardware, but instead relies on a deposit system managed by the Bitcoin network.

@inproceedings{BitcoinOffline2017, abstract = {Bitcoin seems to be the most successful cryptocurrency so far given the growing real life deployment and popularity.While Bitcoin requires clients to be online to perform trans-actions and a certain amount of time to verify them, there are many real life scenarios that demand for offline and immediate payments (e.g., mobile ticketing, vending machines,etc). However, offline payments in Bitcoin raise non-trivial security challenges, as the payee has no means to verify the received coins without having access to the Bitcoin network.Moreover, even online immediate payments are shown to be vulnerable to double-spending attacks.In this paper, we propose the first solution for Bitcoin payments, which enables secure payments with Bitcoin in offline settings and in scenarios where payments need to be immediately accepted. Our approach relies on an offline wallet and deploys several novel security mechanisms to prevent double-spending and to verify the coin validity in offline set-ting. These mechanisms achieve probabilistic security to guarantee that the attack probability is lower than the de-sired threshold. We provide a security and risk analysis as well as model security parameters for various adversaries.We further eliminate remaining risks by detection of misbehaving wallets and their revocation.We implemented our solution for mobile Android client sand instantiated an offline wallet using a microSD security card. Our implementation demonstrates that smooth integration over a very prevalent platform (Android) is possible,and that offline and online payments can practically co-exist.We also discuss alternative deployment approach for the offline wallet which does not leverage secure hardware, but instead relies on a deposit system managed by the Bitcoin network.}, added-at = {2020-05-03T20:09:10.000+0200}, author = {Dmitrienko, Alexandra and Noack, David and Yung, Moti}, biburl = {https://www.bibsonomy.org/bibtex/2ee24001f949a81761c8836999f27961f/sssgroup}, booktitle = {ACM Conference on Information, Computer and Communications Security (AsiaCCS)}, interhash = {11b1e5bc436430c094eb58a6b807c0c6}, intrahash = {ee24001f949a81761c8836999f27961f}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown}, month = apr, pdf = {https://se2.informatik.uni-wuerzburg.de/pa/publications/download/paper/1543.pdf}, timestamp = {2022-12-19T21:23:11.000+0100}, title = {Secure Wallet-Assisted Offline Bitcoin Payments with Double-Spender Revocation (distinguished paper award)}, venue = {ACM Conference on Information}, year = 2017 }