Future Generation Computer Systems 114 (2021) 647–648

Contents lists available at ScienceDirect

Future Generation Computer Systems

journal homepage: www.elsevier.com/locate/fgcs

Editorial

Editorial for accountability and privacy issues in blockchain and

cryptocurrency
∗
Sherman S.M. Chow a , , Kim-Kwang Raymond Choo b , Jinguang Han c
a
Department of Information Engineering, Chinese University of Hong Kong, Shatin, N.T., Hong Kong
b
Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, TX 78249-0631, USA
c
School of Electronics, Electrical Engineering and Computer Science, Queen’s University Belfast, UK

article info a b s t r a c t

Article history: The increasing popularity of blockchain and cryptocurrency reinforces the importance of accountability
Available online 27 August 2020 and privacy. Privacy is a fundamental human right, yet, malevolent or criminal should be held
accountable, which mitigates the severity of malicious and criminal exploitation even with privacy
protections in place. This editorial reports on the findings from seven accepted papers (acceptance
rate of 30.44%).
© 2020 Published by Elsevier B.V.

1. An overview of this special issue
Cryptocurrency is a digital version of currency that uses cryp-
tographic technologies to guarantee the security of transactions.
In recent years, cryptocurrencies such as Bitcoin and Ether are
increasingly popular, including among cybercriminals (e.g., in
ransomware cases). Blockchain underpins many of the exist-
ing cryptocurrencies and plays an extremely crucial role due
to its many desirable properties (e.g., transaction distribution
and decentralized consensus). Applications of blockchain include
identity management, smart contract, and e-health, to name a
few. Similar to other technologies, ensuring privacy and account-
ability is important for many different reasons and scenarios,
which is also our focus in this special issue.
Blockchain and cryptocurrency can be maliciously and crim-
inally exploited, as pointed out in two of the seven accepted
papers in this special issue. For example, Moubarak, Chamoun,
and Filiol [1] studied several blockchain-related features under-
pinning Bitcoin, Ripple, Ethereum, Hyperledger, Algorand, and
IOTA networks, and demonstrated how vulnerabilities in these
features can be exploited to facilitate nefarious activities. On a
similar note, Bartoletti, Carta, Cimoli, and Saia [2] comprehen-
sively surveyed existing Ponzi schemes that can be, or had been,
carried out on Ethereum, and reported on their behavior and their
potential impacts and consequences.
Vulnerabilities that can be exploited are not restricted only
to technical weaknesses (e.g., bugs [3,4]) or social engineering
(e.g., Ponzi schemes [2]), as explained by Saito and Iwamura [5].
∗ Corresponding author.
E-mail addresses: sherman@ie.cuhk.edu.hk (S.S.M. Chow),
raymond.choo@fulbrightmail.org (K.-K.R. Choo), J.Han@qub.ac.uk (J. Han).
Their paper explained the potential for (market) manipulation
of the fluctuations in cryptocurrency prices (or exchange rate),
particularly in cryptocurrencies based on the Proof of Work (PoW)
consensus algorithm. Seeking to mitigate the limitations, the
authors suggested making three changes to PoW-based cryp-
tocurrency and demonstrated its potential using simulations.
While Blockchain provides immutability, it is not compatible
with scenarios that expect summarizing or removing data for
storage or privacy (e.g., ‘‘the right to be forgotten’’) requirements.
Dorri, Kanhere, and Jurdak [6] introduce multiple partially dis-
tributed agents to remove or summarize blockchain transactions,
with a reward mechanism incentivizing helpers of this process.
They also propose a key management technique that shares con-
ceptual similarities with hierarchical deterministic (HD) wallets.
Security of the wallets is dependent on their implementations
and their building blocks, such as ECDSA signatures used to certify
Bitcoin transactions. If there are backdoors in the implementa-
tion, they can be exploited to facilitate attacks such as klepto-
graphic attacks (i.e., leakage of the private key). Therefore, Wang,
Li, Gao, and Li [3] proposed a kleptographically-secure HD wal-
let for multiple offline Bitcoin transactions, using an interactive
signing protocol. Another potential implementation vulnerability
is weak randomness, and a deterministic solution was presented
in RFC 6979. Wang, Yu, Zhang, Piao, and Liu [4] analyzed Bit-
coin transactions from January 2009 to July 2017 to discover
a common pattern and clues for spam transaction attacks that
may exploit the ECDSA weak randomness and surveyed popular
Bitcoin wallets to determine whether they conform to RFC 6979.
Blockchain can also help in building other applications to
achieve accountability and privacy. For example, Yang, Yi, Nepal,
Kelarev, and Han [7] used blockchain for their voting system to
register all voters’ public keys, detect double voting, and ensure

https://doi.org/10.1016/j.future.2020.08.039
0167-739X/© 2020 Published by Elsevier B.V.
648 S.S.M. Chow, K.-K.R. Choo and J. Han / Future Generation Computer Systems 114 (2021) 647–648
each ballot’s integrity. All voters perturb their vote by a ran-
dom factor (which cancels each other as in existing self-tallying
systems), apply homomorphic encryption, and prepare a zero-
knowledge proof (ZKP) for public detection of deviation. Final
tally decryption is shifted from the traditional tallying authori-
ties to revealing decryption-key shares of all candidates, without
using ZKP. Future work on their system includes voter privacy,
receipt freeness, and formal model and proofs for security.
2. Concluding remarks
While this special issue has reported on various aspects of
accountability, blockchain, and cryptocurrency in the seven ac-
cepted papers, there are many research problems with seemingly
conflicting requirements that need to be explored and addressed.
For example:
• Anonymity vs. accountability/auditability in other contexts
(e.g., cryptocurrency and reputation)
• Security vs. criminal misuse
• Security vs. privacy (e.g., privacy-preserving authentication
and other decentralized systems)
• Cryptographic building blocks (e.g., privacy-enhancing sig-
natures, cliptographic signatures [8], sharding and consen-
sus protocols [9])
• Practical applications (e.g., auction [10], lottery [11], and
data sharing [12])
• Applications in special scenarios (e.g., internet of things [13],
intrusion detection [14])
• Smart-contract applications [15]
• Legal and regulation
Declaration of competing interest
The authors declare that they have no known competing finan-
cial interests or personal relationships that could have appeared
to influence the work reported in this paper.
Acknowledgments
We thank all the submitting authors from Australia, China,
France, Germany, Italy, Japan, South Korea, Lebanon, Malaysia,
Pakistan, Poland, Russia, and Taiwan, for their contributions.
We also thank all reviewers for their efforts in reviewing the
manuscripts (their names are omitted based on the editor-in-
chief’s suggestion).
References
[1] J. Moubarak, M. Chamoun, E. Filiol, On distributed ledgers security and
illegal uses, Future Gener. Comput. Syst. 113 (2020) 183–195.
[2] M. Bartoletti, S. Carta, T. Cimoli, R. Saia, Dissecting Ponzi schemes on
Ethereum: identification, analysis, and impact, Future Gener. Comput. Syst.
102 (2020) 259–277.
[3] H. Wang, X. Li, J. Gao, W. Li, MOBT: A kleptographically-secure hierarchical-
deterministic wallet for multiple offline Bitcoin transactions, Future Gener.
Comput. Syst. 101 (2019) 315–326.
[4] Z. Wang, H. Yu, Z. Zhang, J. Piao, J. Liu, ECDSA weak randomness in bitcoin,
Future Gener. Comput. Syst. 102 (2020) 507–513.
[5] K. Saito, M. Iwamura, How to make a digital currency on a blockchain
stable, Future Gener. Comput. Syst. 100 (2019) 58–69.
[6] A. Dorri, S.S. Kanhere, R. Jurdak, MOF-BC: a memory optimized and flexible
blockchain for large scale networks, Future Gener. Comput. Syst. 92 (2019)
357–373.
[7] X. Yang, X. Yi, S. Nepal, A. Kelarev, F. Han, Blockchain voting: Publicly ver-
ifiable online voting protocol without trusted tallying authorities, Future
Gener. Comput. Syst. 112 (2020) 859–874.
[8] S.S. Chow, A. Russell, Q. Tang, M. Yung, Y. Zhao, H. Zhou, Let a non-barking
watchdog bite: Cliptographic signatures with an offline watchdog, in:
Public-Key Cryptography - PKC 2019 - 22nd IACR International Conference
on Practice and Theory of Public-Key Cryptography, Beijing, China, April
14-17, 2019, Proceedings, Part I, in: Lecture Notes in Computer Science,
vol. 11442, Springer, 2019, pp. 221–251.
[9] S.S. Chow, Z. Lai, C. Liu, E. Lo, Y. Zhao, Sharding blockchain, in: IEEE Inter-
natinal Workshop on Blockchain for the IoT, IEEE International Conference
on Blockchain 2018, Halifax, NS, Canada, July 30 - August 3, 2018, IEEE,
2018, p. 1665.
[10] J. Wang, S.S. Chow, Secure strategyproof ascending-price spectrum auction,
in: IEEE Symposium on Privacy-Aware Computing, PAC 2017, Washington,
DC, USA, August 1-4, 2017, IEEE, 2017, pp. 96–106.
[11] S.S. Chow, L.C.K. Hui, S. Yiu, K.P. Chow, Practical electronic lotteries with
offline TTP, Comput. Commun. 29 (15) (2006) 2830–2840.
[12] W. Dai, C. Dai, K.R. Choo, C. Cui, D. Zou, H. Jin, SDTE: A Secure blockchain-
based data trading ecosystem, IEEE Trans. Inf. Forensics Secur. 15 (2020)
725–737.
[13] P.J. Taylor, T. Dargahi, A. Dehghantanha, R.M. Parizi, K.-K.R. Choo, A
systematic literature review of blockchain cyber security, Digit. Commun.
Netw. (ISSN: 2352-8648) 6 (2) (2020) 147–156.
[14] W. Meng, E. Tischhauser, Q. Wang, Y. Wang, J. Han, When intrusion
detection meets blockchain technology: A review, IEEE Access 6 (2018)
10179–10188.
[15] W. Meng, J. Wang, X. Wang, J.K. Liu, Z. Yu, J. Li, Y. Zhao, S.S. Chow,
Position paper on blockchain technology: Smart contract and applications,
in: Network and System Security - 12th International Conference, NSS
2018, Hong Kong, August 27-29, 2018, Proceedings, in: Lecture Notes in
Computer Science, vol. 11058, Springer, 2018, pp. 474–483.