A new security feature developed by IBM and Intel extends blockchain capabilities and helps increase trust in high-stakes markets such as wireless spectrum auctions.
As telecom companies start rolling out the fifth generation of wireless networks, the term 5G is becoming omnipresent in the news linking it to the prospect of higher data transfer speeds. The race is on for businesses to tap into the promised speed bonanza. And given the high expectations, there is a lot at stake when it comes to securing bandwidth to operate the new technology. A new, blockchain-based security feature called Fabric Private Chaincode and developed by scientists at IBM and Intel can help establish trust in applications with strong privacy requirements, such as in the auctioning of wireless spectrum.
The project will be presented on March 4 at the Hyperledger Global Forum in Phoenix, AZ.
Billions of dollars at stake
Bandwidth allocation involves auctions with companies bidding for portions of the spectrum and a government agency acting as the auctioneer. These spectrum auctions represent investments in the order of billions of dollars so there is a non-negligible incentive for participants to try to game the system. Cheating can be attempted through collusion among companies or with the auctioneer, as well as by watching the bids of opponents before submitting one’s own bid and trying to conceal one’s own valuation of an asset until the opponent has revealed their valuation. Therefore, making sure that all bids submitted are confidential and that not even the auctioneer can manipulate the outcome of the auction are crucial requirements.
No need to trust the auctioneer
Market designers usually take great pains to ensure that in this kind of auction collusion and other forms of cheating are impossible by design. But even the best-designed auction still typically relies on a model of security where the auctioneer must be trusted not to collude with a bidder. The strong incentive to cheat combined with a security model with a potentially large “attack surface” can add up to large insurance and legal costs for everyone involved.
Now, researchers at IBM and Intel have developed a solution that relies on blockchain technology to address such loopholes and increase trust in the context of high-stakes use cases such as private auctions. It is called Fabric Private Chaincode (FPC) and it can be added to the Hyperledger Fabric, a permissioned blockchain hosted by the Linux Foundation, as a modular security feature. FPC uses Intel® Software Guard Extensions technology (Intel® SGX) in a way that enhances privacy and integrity throughout the auction.
How FPC helps establish trust
There are two aspects to trust in the context of an auction: confidentiality and integrity.
Confidentiality means here that the bids are kept secret from both the bidders and the auctioneer.
Integrity, on the other hand, means that neither the chaincode used to run the auction nor the transactions containing the bids can be tampered with.
The Fabric Private Chaincode project is a great example of how a smart combination of chaincode and Intel SGX can boost the value of blockchain technology by enabling new business models based on a new model of trust. In existing Hyperledger Fabric architectures, the integrity of smart contracts is protected by having multiple peers(servers) execute the same chaincode and verify that their results match. This works well for many use cases, but doesn’t suffice in systems where private execution is required.
Using Fabric Private Chaincode system, it is possible to design a high-stakes auction in which the “auctioneer” is in fact a smart contract, for which the source code may be inspected beforehand by all parties to the auction. When the auction begins, the participants can use Intel® SGX to get a cryptographic attestation to help verify that the code hasn’t been modified, and also have more confidence that the auctioneer is not looking inside the program while it executes. Not even the government agency running the auction can look into the bids or tamper with the execution. This new trust model is more compatible with positive incentives to simply bid one’s true value of each asset.
Ready for pilot deployment
In many real-world use cases such as high-stakes auctions, we expect FPC to add value by removing incentives to game the system. Doing so strengthens trust in the system and can help cut costs by removing the need for expensive security measures, oversight, insurance, and legal fees.
IBM and Intel believe that in the future Fabric Private Chaincode can facilitate more widespread adoption of Trusted Execution Environments such as Intel SGX. We anticipate that the trend in exploiting the capabilities of TEEs will move beyond specific high-stake use cases towards widespread use in blockchain applications, similarly to what HTTPS did for the Web.
With the festive season just days away, it’s not just turkey and cranberry sauce flying off the supermarket shelves. It’s also champagne, wine, gin… and, of course, whisky. And it better be genuine. IBM researchers are working on technologies to help you make sure the whisky you buy is indeed what it says on the […]
In the paper “Integrated gallium phosphide nonlinear photonics”, recently published in the peer-reviewed journal Nature Photonics, we report on the development of high-performance photonic devices made of the crystalline semiconductor gallium phosphide. This work represents a breakthrough in the manipulation of light with semiconductor materials integrated on a chip. It opens the door to a […]
Ever since the discovery of Spectre and Meltdown at the beginning of 2018, my team at IBM Research – Zurich and I have been focusing very closely on the study of transient execution attacks. Beginning that journey, we quickly realized that in order to study transient execution attacks, we first needed to observe and understand […]