loading
Papers

Research.Publish.Connect.

Paper

Authors: Dominik Ziegler 1 ; Bernd Prünster 2 ; Marsalek Alexander 2 and Christian Kollmann 3

Affiliations: 1 Know-Center GmbH, Graz and Austria ; 2 Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Graz and Austria ; 3 A-Sit Plus GmbH, Vienna and Austria

ISBN: 978-989-758-319-3

Keyword(s): Device Authorisation, Android, Cryptocurrency, Mining, REST, App Integrity, Smartphone, Electroneum, Remote Attestation, Key Attestation.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Secure Software Development Methodologies ; Security and Privacy in Mobile Systems ; Security and Privacy in Web Services ; Security in Information Systems ; Software Security

Abstract: Mobile mining of cryptocurrencies, without relying on CPU-heavy computations, is a novel attempt to foster adoption of a token. However, this approach leaves room for attacks. In this paper, we perform a thorough analysis of Electroneum, one of the first cryptocurrencies to introduce a mobile mining process. We show that mobile mining, without relying on a consensus algorithm (e.g. Proof-Of-Work), is not feasible on current generation Android smartphones. We further demonstrate that the security mechanisms employed by Electroneum can be circumvented and that mobile mining can be exploited successfully. Based on this analysis, we discuss several practical countermeasures, which can be applied on smartphones to enforce device authorisation and prevent abuse.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 34.204.173.45

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Ziegler, D.; Prünster, B.; Alexander, M. and Kollmann, C. (2018). Spoof-of-Work - Evaluating Device Authorisation in Mobile Mining Processes.In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT, ISBN 978-989-758-319-3, pages 380-387. DOI: 10.5220/0006859005460553

@conference{secrypt18,
author={Dominik Ziegler. and Bernd Prünster. and Marsalek Alexander. and Christian Kollmann.},
title={Spoof-of-Work - Evaluating Device Authorisation in Mobile Mining Processes},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT,},
year={2018},
pages={380-387},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006859005460553},
isbn={978-989-758-319-3},
}

TY - CONF

JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT,
TI - Spoof-of-Work - Evaluating Device Authorisation in Mobile Mining Processes
SN - 978-989-758-319-3
AU - Ziegler, D.
AU - Prünster, B.
AU - Alexander, M.
AU - Kollmann, C.
PY - 2018
SP - 380
EP - 387
DO - 10.5220/0006859005460553

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.