Abstract
Technology is being used increasingly for lowering the trust barrier in domains where collaboration and cooperation are necessary, but reliability and efficiency are critical due to high stakes. An example is an industrial marketplace where many suppliers must participate in production while ensuring reliable outcomes; hence, partnerships must be pursued with care. Online marketplaces like Xometry facilitate partnership formation by vetting suppliers and mediating the marketplace. However, such an approach requires that all trust be vested in the middleman. This centralizes control, making the system vulnerable to being biased towards specific providers. The use of blockchains is now being explored to bridge the trust gap needed to support decentralizing marketplaces, allowing suppliers and customers to interact more directly by using the information on the blockchain. A typical scenario is the need to preserve privacy in certain interactions initiated by the buyer (e.g., protecting a buyer’s intellectual property during outsourcing negotiations). In this work, we initiate the formal study of matching between suppliers and buyers when buyer-privacy is required for some marketplace interactions and make the following contributions. First, we devise a formal security definition for private interactive matching in the Universally Composable (UC) Model that captures the privacy and correctness properties expected in specific supply chain marketplace interactions. Second, we provide a lean protocol based on any programmable blockchain, anonymous group signatures, and public-key encryption. Finally, we implement the protocol by instantiating some of the blockchain logic by extending the BigChainDB blockchain platform.
Varun Madathil and Alessandra Scafuro are supported by NSF Award #1764025.
Notes
1. Xometry https://www.xometry.com/ is one among many other (e.g., Fictiv, Protolab) online portals for on-demand manufacturing services that match their vetted suppliers with customers interested in 3D printing their unique designs.
2. In threshold group signatures, a signature can be de-anonymized only if a threshold of managers all agree to perform de-anonymization.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Madathil, V., Scafuro, A., Anyanwu, K., Qiao, S., Pateria, A., Starly, B. (2023). Preserving Buyer-Privacy in Decentralized Supply Chain Marketplaces. In: Garcia-Alfaro, J., Navarro-Arribas, G., Dragoni, N. (eds) Data Privacy Management, Cryptocurrencies and Blockchain Technology. DPM CBT 2022 2022. Lecture Notes in Computer Science, vol 13619. Springer, Cham. https://doi.org/10.1007/978-3-031-25734-6_15
DOI: https://doi.org/10.1007/978-3-031-25734-6_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-25733-9
Online ISBN: 978-3-031-25734-6
eBook Packages: Computer Science, Computer Science (R0)