loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Dominik Ziegler 1 ; Bernd Prünster 2 ; Marsalek Alexander 2 and Christian Kollmann 3

Affiliations: 1 Know-Center GmbH, Graz and Austria ; 2 Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Graz and Austria ; 3 A-Sit Plus GmbH, Vienna and Austria

Keyword(s): Device Authorisation, Android, Cryptocurrency, Mining, REST, App Integrity, Smartphone, Electroneum, Remote Attestation, Key Attestation.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Secure Software Development Methodologies ; Security and Privacy in Mobile Systems ; Security and Privacy in Web Services ; Security in Information Systems ; Software Security

Abstract: Mobile mining of cryptocurrencies, without relying on CPU-heavy computations, is a novel attempt to foster adoption of a token. However, this approach leaves room for attacks. In this paper, we perform a thorough analysis of Electroneum, one of the first cryptocurrencies to introduce a mobile mining process. We show that mobile mining, without relying on a consensus algorithm (e.g. Proof-Of-Work), is not feasible on current generation Android smartphones. We further demonstrate that the security mechanisms employed by Electroneum can be circumvented and that mobile mining can be exploited successfully. Based on this analysis, we discuss several practical countermeasures, which can be applied on smartphones to enforce device authorisation and prevent abuse.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.233.219.31

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Ziegler, D.; Prünster, B.; Alexander, M. and Kollmann, C. (2018). Spoof-of-Work - Evaluating Device Authorisation in Mobile Mining Processes. In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - SECRYPT; ISBN 978-989-758-319-3; ISSN 2184-3236, SciTePress, pages 380-387. DOI: 10.5220/0006859005460553

@conference{secrypt18,
author={Dominik Ziegler. and Bernd Prünster. and Marsalek Alexander. and Christian Kollmann.},
title={Spoof-of-Work - Evaluating Device Authorisation in Mobile Mining Processes},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - SECRYPT},
year={2018},
pages={380-387},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006859005460553},
isbn={978-989-758-319-3},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - SECRYPT
TI - Spoof-of-Work - Evaluating Device Authorisation in Mobile Mining Processes
SN - 978-989-758-319-3
IS - 2184-3236
AU - Ziegler, D.
AU - Prünster, B.
AU - Alexander, M.
AU - Kollmann, C.
PY - 2018
SP - 380
EP - 387
DO - 10.5220/0006859005460553
PB - SciTePress