Our research spans cryptography, data security, and distributed algorithms, with emphasis on cryptography, secure protocols, and consensus for distributed systems and blockchain networks.
During his 20-year career in industrial research at IBM Research - Zurich Christian Cachin has become an expert in distributed, cryptographic protocols. He contributed to solutions for cloud security, developed consensus protocols, and helped to create the Hyperledger Fabric blockchain platform (more info).
Advanced blockchain consensus protocols
Blockchains are trustworthy distributed networks, maintained by many nodes using distributed a consensus process and relying on cryptographic techniques. Some systems regulate which nodes may participate in the consensus protocol, but others leave this completely open and operate without any central authority. Cryptocurrencies rely on blockchains and hold substantial value.
The participating nodes validate transactions executed by the network and append information to the blockchain, which also takes the form of a ledger. A distributed consensus protocol tolerating faults and adversarial attacks ensures that the nodes agree on a unique order in which entries are appended. Advanced cryptographic algorithms play an important role for achieving consistency and privacy. Guaranteeing security and safety for blockchain networks requires mathematical models and sophisticated arguments, drawn from theoretical computer science, cryptography, and the theory of distributed computing.
Based on earlier work on Byzantine-fault tolerant (BFT) consensus for distributing trust on the Internet, we are exploring consensus protocols and security mechanisms, and apply them to blockchain systems.
The current research broadly addresses two questions.
Generalized and asymmetric trust
In traditional consensus protocols, all involved nodes adhere to a global, symmetric trust assumption, typically only expressed through bounds on the number of faulty processes. Most systems deployed today thus count the influence of all nodes in the same way, for example, as when relying on the assumption that a strict 2/3-majority of the nodes are correct. Moreover, all nodes in the system make the same trust assumption.
However, whom one should trust may be a subjective choice. Going beyond this symmetric notion of trust, we are currently exploring models for asymmetric trust. Several practical blockchain systems have recently suggested to let each participating node express its own subjective trust assumption. In this model of asymmetric trust, every node is free to choose which others it trusts and which ones might collude against it.
In our work, we have laid the foundations of this model and discovered applications to real-world networks.
Christian Cachin, Giuliano Losa, and Luca Zanolini. Quorum Systems in Permissionless Networks Proceedings of OPODIS 2022.
Orestis Alpos, Luca Zanolini, and Christian Cachin. How to Trust Strangers: Composition of Byzantine Quorum Systems. Proceedings of SRDS 2021.
Christian Cachin and Luca Zanolini. Revisiting Signature-Free Asynchronous Byzantine Consensus. Proceedings of DISC 2021.
Christian Cachin and Luca Zanolini. From Symmetric to Asymmetric Asynchronous Byzantine Consensus. e-print, arXiv:2005.08795v2 [cs.DC].
Christian Cachin and Björn Tackmann. Asymmetric Distributed Trust. Proceedings of OPODIS 2019.
Blockchain consensus protocols
The consensus protocol used by a blockchain network determines its speed and its security. Whereas the performance can be measured through experimentation, assessing the security requires formal models and analyses. For gaining confidence in a protocol, mathematical insight into their structure must be gained.
We have analyzed several existing protocols and discovered weaknesses in them. Another question of research concerns a generic model for many kinds of blockchain consensus: can they be formulated with a generic notion of an invested resource?
Moreover, we are interested in developing additional features for such protocols: one prominent aspect is fairness. A blockchain network processing financial transactions should be resistant to front-running, which is a type of insider attack that harms innocent users. An order-fair consensus protocol prevents this as much as possible.
Ignacio Amores-Sesar, Christian Cachin, and Enrico Tedeschi. When is Spring coming? A Security Analysis of Avalanche Consensus. Proceedings of OPODIS 2022.
Sarah Azouvi, Christian Cachin, Duc V. Le, Marko Vukolic, and Luca Zanolini. Modeling Resources in Permissionless Longest-Chain Total-Order Broadcast. Proceedings of OPODIS 2022.
Christian Cachin, Jovana Mićić, Nathalie Steinhauer, and Luca Zanolini. Quick Order Fairness. Proceedings of Financial Cryptography 2022.
Ignacio Amores-Sesar, Christian Cachin, and Anna Parker. Generalizing Weighted Trees: A Bridge from Bitcoin to GHOST. Proceedings of ACM AFT 2021.
Ignacio Amores-Sesar, Christian Cachin, and Jovana Mićić. Security Analysis of Ripple Consensus. Proceedings of OPODIS 2020.
Christian Cachin and Marko Vukolić. Blockchain consensus protocols in the wild. Proceedings of DISC 2017.
Digital currencies for central banks
Cryptocurrencies have shown how to realize a secure equivalent of money in a purely digital way. They challenge the role of traditional currencies, which are issued by central banks. Central banks have therefore started to investigate digital currencies, and many are exploring how to issue a central-bank digital currency (CBDC) to consumers for this purpose. By making such Retail CBDCs accessible to households, the existing relationships between central banks, commercial banks, and people will undergo fundamental changes.
This interdisciplinary research project addresses the topic from two perspectives: law and computer science. Key questions concern the legal and technical requirements for cash-like CBDCs, the fundamental normative principles that should apply, and the algorithmic approaches that are available. In particular, there is a strong tension between privacy and data-protection demands, which exist for traditional cash in certain forms, and the objectives of various societal norms that aim to prevent tax evasion, money laundering, organized crime, and so on.
This project is in collaboration with Mirjam Eggen and team at the Institute for Civil Law.
- Zhipeng Wang, Marko Cirkovic, Duc V. Le, William Knottenbelt, and Christian Cachin. Pay Less for Your Privacy: Towards Cost-Effective On-Chain Mixers.. Cryptology ePrint Archive, Paper 2023/1222. To appear in Proceedings of AFT 2023.
Distributed programs running without trusted coordinator, such as the smart contracts executed by a blockchain network, cannot perform cryptographic operations today because no single node can hold a secret key. As one faulty node alone may leak any secrets it knows, keys cannot simply be distributed among the participating nodes. Distributed cryptography, also known as threshold cryptography, provides well-known methods to secure cryptosystems in the model of distributed and fault-tolerant replicated computations on nodes subject to Byzantine faults.
Our research in the realm of distributed cryptosystems aims to provide such cryptographic operations for smart contracts. We have explored consensus protocols with generalized quorums, which encapsulate flexible trust structures motivated by practice. For realizing them, methods to specify the trust models are needed. We have developed efficient implementations for trust assumptions expressed by a monotone Boolean formula or by a monotone span program.
Ongoing work extends these trust models to distributed cryptosystems.
Orestis Alpos and Christian Cachin. Consensus Beyond Thresholds: Generalized Byzantine Quorums Made Live. Proceedings of SRDS 2020.
Orestis Alpos and Christian Cachin. Do Not Trust in Numbers: Practical Distributed Cryptography With General Trust.. Cryptology ePrint Archive, Paper 2022/1767. To appear in the proceedings of SSS 2023.
Our research is currently sponsored by grants and donations from:
- Swiss National Science Foundation
- Ava Labs
- Protocol Labs Research
- Ripple University Blockchain Research Initiative
In the past, our research has also received support from: