Duck Attack on Accountable Distributed Systems - Archive ouverte HAL Access content directly
Conference Papers Year : 2017

Duck Attack on Accountable Distributed Systems

(1) , (2) , (3)


Accountability plays a key role in dependable distributed systems. It allows to detect, isolate and churn malicious/selfish nodes that deviate from a prescribed protocol. To achieve these properties, sev- eral accountable systems use at their core cryptographic primitives that produce non-repudiable evidence of inconsistent or incorrect behavior. In this paper, we show how selfish and colluding nodes can exploit the use of cryptographic digests in accountability protocols to mount what we call a duck attack. In a duck attack, selfish and colluding nodes exploit the use of cryptographic digests to alter the transmission of messages while masquerading as honest entities. The end result is that their selfish behavior remains undetected. This undermines the security guarantees of the accountability protocols. We first discover the duck attack while analyzing PAG — a cus- tom cryptographic protocol to build accountable systems presented at ICDCS 2016. We later discover that accountable distributed sys- tems based on a secure log (essentially a hash-based data structure) are also vulnerable to the duck attack and apply it on AcTinG — a protocol presented at SRDS 2014. To defeat our attack, we modify the underlying secure log to have high-order dependency on the messages stored in it.
Fichier principal
Vignette du fichier
paper.pdf (639.86 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-01589196 , version 1 (12-12-2017)


  • HAL Id : hal-01589196 , version 1


Amrit Kumar, Cédric Lauradoux, Pascal Lafourcade. Duck Attack on Accountable Distributed Systems. 14th International Conference on Mobile and Ubiquitous Systems: Networks and Services MobiQuitous 2017, Nov 2017, Melbourne, Australia. pp.1-8. ⟨hal-01589196⟩
194 View
276 Download


Gmail Facebook Twitter LinkedIn More