I am now working at UCL. My new homepage is here.
About Patrick McCorry
I am under the supervision of Feng Hao. My colleagues are Sia, Taha, Maryam and Ehsan.
At heart I am an Engineer and interests include cryptocurrencies, smart contracts, cryptography and decentralised systems.
Why Cryptography? It is not just about hiding information (encryption) - it is about minimising trust (i.e. trusting mathematics, not humans).
- [Preprint] Sprites: Payment Channels that Go Faster than Lightning, Andrew Miller, Iddo Bentov, Ranjit Kumaresan, Patrick McCorry, under review. [Paper] [GitHub] [Coindesk]
- A smart contract for Bidirectional Payment Channels without an expiry time.
- Benefits of Ethereum include continuous withdrawals and deposits.
- Introduces a PreimageManager that reduces the worst-case delay to constant time.
- [FC'17] A Smart Contract for Boardroom Voting with Maximum Voter Privacy, Patrick McCorry, Siamak F. Shahandashti, and Feng Hao, accepted at the 21st Financial Cryptography and Data Security conference, Sliema, Malta. [Paper] [GitHub]
- We study the feasibility of executing cryptography protocols over the Ethereum blockchain.
- We implement the Open Vote Network that is a self-tallying internet voting protocol as a smart contract in Solidity.
- Our smart contract won 3rd prize in the Economist Security Challenge and the code is publicly available. [Blog] [Economist] [Economist Report] [Coindesk]
- [ACISP'16] Towards Bitcoin Payment Networks, Patrick McCorry, Malte Möser, Siamak F. Shahandashti, and Feng Hao, invited paper for 21st Australasian Conference on Information Security and Privacy , Melbourne, Australia.[Paper] [Blog]
- We summarise a new field of research 'Bitcoin Payment Networks' and provide a comparison for Duplex Micropayment Channels and Lightning Channels.
- We discuss how to perform Hashed Time-Locked Contracts (HTLC) in both schemes, and the challenges that payment networks face.
- It is our hope that this paper will inspire others to consider further research in this area.
- [FC'16] Refund Attacks on Bitcoins Payment Protocol, Patrick McCorry, Siamak F. Shahandashti, and Feng Hao, accepted at the 20th Financial Cryptography and Data Security conference, Bridgetown, Barbados.[Paper] [Blog]
- In this paper, we present new attacks on the Payment Protocol, which affect all BIP70 merchants.
- The Silkroad Trader attack highlights an authentication vulnerability in the Payment Protocol while the Marketplace Trader attack exploits the refund policies of existing Payment Processors.
- Both attacks have been experimentally verified on real-life merchants using a modified Bitcoin wallet.
- They have also been acknowledged by both Coinbase and Bitpay with temporary mitigation measures put in place.
- [SSR'15] Authenticated Key Exchange over Bitcoin, Patrick McCorry, Siamak F. Shahandashti, Dylan Clarke, and Feng Hao, accepted by the 2nd Security Standardisation Research Conference in Tokyo, Japan. [Paper]
- Allows two pseudonymous parties to establish a secure end-to-end communication channel using Bitcoin's public ledger.
- This Bitcoin-based Authentication is necessary in the cryptocurrency world as PKI (Pubic key infrastructure) and PAKE (Password based Authenticated Key Exchange) is not good enough to authenticate two pseudnymous users.
- Our technique exploits the random nonce found in ECDSA signatures.
- [SPW'15] Bitcoin: Perils of an Unregulated Global P2P Currency, Syed Taha Ali, Dylan Clarke, Patrick McCorry, accepted by the 23rd Security Protocols Workshop in Cambridge, England. [Paper]
- Ideological and design choices that define Bitcoin’s strengths are also directly responsible for the Bitcoin-related crime that we encounter in the news so often today.
- [BITCOIN'15] ZombieCoin: Powering Next-Generation Botnets with Bitcoin, Syed Taha Ali, Patrick McCorry, Peter Hyun-Jeen Lee and Feng Hao, accepted by the 2nd FC Workshop on Bitcoin Research 2015 in San Jaun, Puerto Rico. [Paper] [Forbes]
- We outline a design for next-generation Botners that leverage the Bitcoin network for a stealth and fast command & control center.
- Our design is immune to traditional takedown methods (closing web accounts/chatrooms/domains, poisoning routing tables, etc) - we have not yet discovered a method to "take down" these future botnets.
- [DIS'14] PosterVote: expanding the action repertoire for local political activism, Vasilis Vlachokyriakos, Rob Comber, Karim Ladha, Nick Taylor, Paul Dunphy, Patrick McCorry, Patrick Olivier, accepted at Proceedings of DIS 2014. [Paper]
- A low-cost deployable poster to encourage local political activism
Peer review activities
- Program Committee Member
- 4th Bitcoin Workshop @ Financial Cryptography 2017
- Requested Reviewer
- International Workshop on Digital Crime and Forensics 2016
- 14th Theory of Cryptography Conference 2016
- 21st European Symposium on Research in Computer Security (ESORICS) 2016
- 20th Financial Cryptography 2016
- 3rd Bitcoin Workshop @ Financial Cryptography 2016
- 20th European Symposium on Research in Computer Security (ESORICS) 2015
I have had the pleasure of presenting to the following audiences (slides and videos):
- A Smart Contract for Boardroom Voting with Maximum Voter Privacy
- IC3 Winter Retreat 2017
- Financial Cryptography 2017
- Purdue University Security Seminar
- Stanford University Security Seminar
- Towards Bitcoin Payment Networks
- Bitcoin Summer School (Corfu) 2016
- Australasian Conference on Information Security and Privacy 2016
- Refund Attacks on Bitcoins Payment Protocol
- North East Fraud Forum 2015
- PhD Consortium @ European Symposium on Research in Computer Security (ESORICS) 2015
- Cryptoforma @ University of Strathclyde 2015
- Financial Cryptography 2016
- Authenticated Key Exchange over Bitcoin
- Security Standardisation Research 2015
- ZombieCoin: Powering Next-Generation Botnets with Bitcoin
- Cryptoforma @ Kent University 2015
- Bitcoin Workshop @ Financial Cryptography 2015
Awards that I have been lucky to win:
- 3rd Prize in the Economist Cyber Security Challenge.
- Design an e-voting system over the Blockchain [Economist],
- Short listed for Impact in Progress Award
- Only PhD student short-listed across all departments at Newcastle University
- 1st Prize in the Creative Cyber Security Hackathon
- Hosted by Newcastle University, Lancaster University, Raytheon and BIS (Department for Business and Innovation, UK) [Press]
- Best overall performance in Computer Science 2013
- [Award] was sponsored by Watersons
- Scott Logic Excellence Award
- Highest grade during the second year of the bachelor's degree
- Best Team for Team Project in Stage 2
- Excellence Scholarship
- Over-achieved the entry requirements to study at Newcastle University
Before the (emotional roller coaster) PhD
In my past life, I graduated 1st in my class with a BSc (Hons) Computer Science with Industrial Placement and during this course I had two jobs:
- Intern Software Engineer for CICS (Customer Information Control Systems) and CPSM (CICSPlex System Management) at IBM,
- Supervisor @ Subway for 5 years, working alongside Moffy.
My Linkedin profile and curriculum vitae.
I will talk to anyone who wants to talk to me and can be contacted at patrick.mccorry at ncl.ac.uk.
Thank you for visiting my page!