2021
|
Erwig, Andreas; Faust, Sebastian; Hostáková, Kristina; Maitra, Monosij; Riahi, Siavash Two-Party Adaptor Signatures From Identification Schemes Miscellaneous Cryptology ePrint Archive, Report 2021/150, 2021. Abstract | Links | BibTeX @misc{cryptoeprint:2021:150,
title = {Two-Party Adaptor Signatures From Identification Schemes},
author = {Andreas Erwig and Sebastian Faust and Kristina Hostáková and Monosij Maitra and Siavash Riahi},
url = {https://eprint.iacr.org/2021/150},
year = {2021},
date = {2021-01-01},
abstract = {Adaptor signatures are a novel cryptographic primitive with important applications for cryptocurrencies. They have been used to construct second layer solutions such as payment channels or cross-currency swaps. The basic idea of an adaptor signature scheme is to tie the signing process to the revelation of a secret value in the sense that, much like a regular signature scheme, an adaptor signature scheme can authenticate messages, but simultaneously leaks a secret to certain parties. Recently, Aumayr et al. provide the first formalization of adaptor signature schemes, and present provably secure constructions from ECDSA and Schnorr signatures. Unfortunately, the formalization and constructions given in this work have two limitations: (1) current schemes are limited to ECDSA and Schnorr signatures, and no
generic transformation for constructing adaptor signatures is known; (2) they do not offer support for aggregated two-party signing, which can significantly reduce the blockchain footprint in applications of adaptor signatures.
In this work, we address these two shortcomings. First, we show that signature schemes that are constructed from identification (ID) schemes, which additionally satisfy certain homomorphic properties, can generically be transformed into adaptor signature schemes. We further provide an impossibility result which proves that unique signature schemes (e.g., the BLS scheme) cannot be transformed into an adaptor signature scheme. In addition, we define two-party adaptor signature schemes with aggregatable public keys and show how to instantiate them via a generic transformation from ID-based signature schemes. Finally, we give instantiations of our generic transformations for the Schnorr, Katz-Wang and Guillou-Quisquater signature schemes.},
howpublished = {Cryptology ePrint Archive, Report 2021/150},
keywords = {},
pubstate = {published},
tppubtype = {misc}
}
Adaptor signatures are a novel cryptographic primitive with important applications for cryptocurrencies. They have been used to construct second layer solutions such as payment channels or cross-currency swaps. The basic idea of an adaptor signature scheme is to tie the signing process to the revelation of a secret value in the sense that, much like a regular signature scheme, an adaptor signature scheme can authenticate messages, but simultaneously leaks a secret to certain parties. Recently, Aumayr et al. provide the first formalization of adaptor signature schemes, and present provably secure constructions from ECDSA and Schnorr signatures. Unfortunately, the formalization and constructions given in this work have two limitations: (1) current schemes are limited to ECDSA and Schnorr signatures, and no
generic transformation for constructing adaptor signatures is known; (2) they do not offer support for aggregated two-party signing, which can significantly reduce the blockchain footprint in applications of adaptor signatures.
In this work, we address these two shortcomings. First, we show that signature schemes that are constructed from identification (ID) schemes, which additionally satisfy certain homomorphic properties, can generically be transformed into adaptor signature schemes. We further provide an impossibility result which proves that unique signature schemes (e.g., the BLS scheme) cannot be transformed into an adaptor signature scheme. In addition, we define two-party adaptor signature schemes with aggregatable public keys and show how to instantiate them via a generic transformation from ID-based signature schemes. Finally, we give instantiations of our generic transformations for the Schnorr, Katz-Wang and Guillou-Quisquater signature schemes. |
Faust, Sebastian; Hazay, Carmit; Kretzler, David; Schlosser, Benjamin Generic Compiler for Publicly Verifiable Covert Multi-Party Computation Inproceedings Advances in Cryptology - EUROCRYPT 2021 - 40th Annual International
Conference on the Theory and Applications of Cryptographic Techniques,
Zagreb, Croatia, October 17-21, 2021, Proceedings, Part II, pp. 782–811, Springer, 2021. Links | BibTeX @inproceedings{DBLP:conf/eurocrypt/FaustHKS21,
title = {Generic Compiler for Publicly Verifiable Covert Multi-Party Computation},
author = {Sebastian Faust and Carmit Hazay and David Kretzler and Benjamin Schlosser},
url = {https://eprint.iacr.org/2021/251.pdf},
doi = {10.1007/978-3-030-77886-6_27},
year = {2021},
date = {2021-01-01},
booktitle = {Advances in Cryptology - EUROCRYPT 2021 - 40th Annual International
Conference on the Theory and Applications of Cryptographic Techniques,
Zagreb, Croatia, October 17-21, 2021, Proceedings, Part II},
volume = {12697},
pages = {782--811},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
|
2020
|
iBlockchain Konsortium, iBlockchain Policy Paper: Empfehlungen und Erkenntnisse für die Politik Miscellaneous medium.com, 2020. Abstract | Links | BibTeX @misc{iBlockchainKonsortium2020,
title = {iBlockchain Policy Paper: Empfehlungen und Erkenntnisse für die Politik},
author = {iBlockchain Konsortium},
url = {https://iblockchain-projekt.de/wp-content/uploads/2021/02/Policy_paper_final.pdf
https://medium.com/@industrial_blockchain/iblockchain-policy-paper-empfehlungen-und-erkenntnisse-f%C3%BCr-die-politik-b5b24ad8f800},
year = {2020},
date = {2020-12-14},
abstract = {In diesem Artikel werden aus der Arbeit des iBlockchain-Projektes hervorgegangene
technologische und regulatorische Erkenntnisse und Anforderungen zum Thema
Blockchain und DLT im Industrie-Kontext zusammengefasst.},
howpublished = {medium.com},
keywords = {},
pubstate = {published},
tppubtype = {misc}
}
In diesem Artikel werden aus der Arbeit des iBlockchain-Projektes hervorgegangene
technologische und regulatorische Erkenntnisse und Anforderungen zum Thema
Blockchain und DLT im Industrie-Kontext zusammengefasst. |
Hebborn, Phil; Lambin, Baptiste; Leander, Gregor; Todo, Yosuke Lower Bounds on the Degree of Block Ciphers Inproceedings Advances in Cryptology - ASIACRYPT 2020 - 26th International Conference on the Theory and Application of Cryptology and Information Security, 2020. Abstract | Links | BibTeX @inproceedings{Hebborn2020,
title = {Lower Bounds on the Degree of Block Ciphers},
author = {Phil Hebborn and Baptiste Lambin and Gregor Leander and Yosuke Todo},
url = {https://eprint.iacr.org/2020/1051},
year = {2020},
date = {2020-12-07},
booktitle = {Advances in Cryptology - ASIACRYPT 2020 - 26th International Conference on the Theory and Application of Cryptology and Information Security},
abstract = {Only the method to estimate the upper bound of the algebraic degree on block ciphers is known so far, but it is not useful for the designer to guarantee the security. In this paper we provide meaningful lower bounds on the algebraic degree of modern block ciphers.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Only the method to estimate the upper bound of the algebraic degree on block ciphers is known so far, but it is not useful for the designer to guarantee the security. In this paper we provide meaningful lower bounds on the algebraic degree of modern block ciphers. |
Erwig, Andreas; Faust, Sebastian; Riahi, Siavash; Stöckert, Tobias CommiTEE: An Efficient and Secure Commit-Chain Protocol using TEEs Miscellaneous Cryptology ePrint Archive, Report 2020/1486, 2020. Abstract | Links | BibTeX @misc{cryptoeprint:2020:1486,
title = {CommiTEE: An Efficient and Secure Commit-Chain Protocol using TEEs},
author = {Andreas Erwig and Sebastian Faust and Siavash Riahi and Tobias Stöckert},
url = {https://eprint.iacr.org/2020/1486},
year = {2020},
date = {2020-11-27},
abstract = {Permissionless blockchain systems such as Bitcoin or Ethereum are slow and expensive, since transactions are processed in a distributed network by a large set of parties. To improve on these shortcomings, a prominent approach is given by so-called 2nd-layer protocols. In these protocols parties process transactions off-chain directly between each other, thereby drastically reducing the costly and slow interaction with the blockchain. In particular, in the optimistic case, when parties behave honestly, no interaction with the blockchain is needed. One of the most popular off-chain solutions are Plasma protocols (often also called commit-chains). These protocols are orchestrated by a so-called operator that maintains the system and processes transactions between parties. Importantly, the operator is trustless, i.e., even if it is malicious users of the system are guaranteed to not lose funds. To achieve this guarantee, Plasma protocols are highly complex and require involved and expensive dispute resolution processes. This has significantly slowed down development and deployment of these systems.
In this work we propose CommiTEE-- a simple and efficient Plasma system leveraging the power of trusted execution environments (TEE). Besides its simplicity, our protocol requires minimal interaction with the blockchain, thereby drastically reducing costs and improving efficiency. An additional benefit of our solution is that it allows for switching between operators, in case the main operator goes offline due to system failure, or behaving maliciously. We implemented and evaluated our system over Ethereum and show that it is at least 2
times (and in some cases more than 16 times) cheaper in terms of communication complexity when compared to existing Plasma implementations. Moreover, for protocols using zero-knowledge proofs (like NOCUST-ZKP), CommiTEE decreases the on-chain gas cost by a factor ≈19 compared to prior solution. },
howpublished = {Cryptology ePrint Archive, Report 2020/1486},
keywords = {},
pubstate = {published},
tppubtype = {misc}
}
Permissionless blockchain systems such as Bitcoin or Ethereum are slow and expensive, since transactions are processed in a distributed network by a large set of parties. To improve on these shortcomings, a prominent approach is given by so-called 2nd-layer protocols. In these protocols parties process transactions off-chain directly between each other, thereby drastically reducing the costly and slow interaction with the blockchain. In particular, in the optimistic case, when parties behave honestly, no interaction with the blockchain is needed. One of the most popular off-chain solutions are Plasma protocols (often also called commit-chains). These protocols are orchestrated by a so-called operator that maintains the system and processes transactions between parties. Importantly, the operator is trustless, i.e., even if it is malicious users of the system are guaranteed to not lose funds. To achieve this guarantee, Plasma protocols are highly complex and require involved and expensive dispute resolution processes. This has significantly slowed down development and deployment of these systems.
In this work we propose CommiTEE-- a simple and efficient Plasma system leveraging the power of trusted execution environments (TEE). Besides its simplicity, our protocol requires minimal interaction with the blockchain, thereby drastically reducing costs and improving efficiency. An additional benefit of our solution is that it allows for switching between operators, in case the main operator goes offline due to system failure, or behaving maliciously. We implemented and evaluated our system over Ethereum and show that it is at least 2
times (and in some cases more than 16 times) cheaper in terms of communication complexity when compared to existing Plasma implementations. Moreover, for protocols using zero-knowledge proofs (like NOCUST-ZKP), CommiTEE decreases the on-chain gas cost by a factor ≈19 compared to prior solution. |
