A redactable consortium blockchain (RCB) can build a trust layer for industrial internet of things (IIoT) so as to enable IIoT to resist certain powerful attacks resulting in improper block content. The redactability is particularly important for blockchains applied in IIoT with valuable or sensitive activities such as financial IoT or energy-trading IoT. Huang et al. proposed a threshold chameleon hash (TCH) scheme and then constructed an accountable-and-sanitizable chameleon signature scheme based on TCH. These two primitives are further used as fundamental modules to build an RCB, which empowers IIoT devices to operate the blockchain in a controllable way. However, our paper shows that Huang et al.’s RCB suffers from a security problem that weakens the crucial redactability. Specifically, we find out that if a transaction in a given block is legally redacted by all authorized sensors who collectively hold the private redacting key, anyone (without any private information) can further redact this redacted transaction and delete any transaction within this redacted block and, meanwhile, any sensor user with a private signing (not redacting) key can insert a forged transaction into this redacted block. We further address this threat by replacing the TCH module in Huang et al.’s RCB with our designed TCH.

中文翻译：

---

工业物联网可编辑联盟区块链的安全性分析与改进

可编辑的联盟区块链 (RCB) 可以为工业物联网 (IIoT) 建立信任层，从而使 IIoT 能够抵抗某些强大的攻击，从而导致不正确的块内容。可编辑性对于应用于具有有价值或敏感活动的 IIoT 中的区块链尤其重要，例如金融物联网或能源交易物联网。黄等人。提出了一种阈值变色龙哈希（TCH）方案，然后构建了基于TCH的可问责和可消毒的变色龙签名方案。这两个原语进一步用作构建 RCB 的基础模块，使 IIoT 设备能够以可控的方式操作区块链。然而，我们的论文表明，Huang 等人的 RCB 存在安全问题，削弱了关键的可编辑性。具体来说，我们发现，如果给定块中的交易被所有共同持有私有编辑密钥的授权传感器合法编辑，任何人（没有任何私人信息）都可以进一步编辑该编辑交易并删除该编辑块内的任何交易，同时，任何拥有私人签名（非编校）密钥的传感器用户都可以将伪造的交易插入到这个编校块中。我们通过用我们设计的 TCH 替换 Huang 等人的 RCB 中的 TCH 模块来进一步解决这一威胁。任何拥有私人签名（非编校）密钥的传感器用户都可以将伪造的交易插入到这个编校块中。我们通过用我们设计的 TCH 替换 Huang 等人的 RCB 中的 TCH 模块来进一步解决这一威胁。任何拥有私人签名（非编校）密钥的传感器用户都可以将伪造的交易插入到这个编校块中。我们通过用我们设计的 TCH 替换 Huang 等人的 RCB 中的 TCH 模块来进一步解决这一威胁。