Bandwidth-Efficient Threshold EC-DSA

Castagnos, Guilhem; Catalano, Dario; Laguillaumie, Fabien; Savasta, Federico; Tucker, Ida

doi:10.1007/978-3-030-45388-6_10

Cited by 47 publications

(19 citation statements)

References 41 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Castagnos et al [21] build upon Gennaro and Goldfeder's t-of-n threshold signature scheme [18], improving computational and bandwidth efficiency. The number of communication rounds required for generating signatures is reduced from 9 to 8, which leaves the scheme still impractical for our use.…”

Section: Evaluation Of Ecdsa Threshold Signature Schemesmentioning

confidence: 99%

Improving security for users of decentralized exchanges through multiparty computation

Annessi¹,

Fast²

2021

Preprint

View full text Add to dashboard Cite

Decentralized cryptocurrency exchanges offer compelling security benefits over centralized exchanges: users control their funds and avoid the risk of an exchange hack or malicious operator. However, because user assets are fully accessible by a secret key, decentralized exchanges pose significant internal security risks for trading firms and automated trading systems, where a compromised system can result in total loss of funds. Centralized exchanges mitigate this risk through API key based security policies that allow professional users to give individual traders or automated systems specific and customizable access rights such as trading or withdrawal limits. Such policies, however, are not compatible with decentralized exchanges, where all exchange operations require a signature generated by the owner's secret key. This paper introduces a protocol based upon multiparty computation that allows for the creation of API keys and security policies that can be applied to any existing decentralized exchange. Our protocol works with both ECDSA and EdDSA signature schemes and prioritizes efficient computation and communication. We have deployed this protocol on Nash exchange, as well as around several Ethereum-based automated market maker smart contracts, where it secures the trading accounts and wallets of thousands of users.

show abstract

Section: Evaluation Of Ecdsa Threshold Signature Schemesmentioning

confidence: 99%

Improving security for users of decentralized exchanges through multiparty computation

Annessi¹,

Fast²

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…In this variant we replace the complex NIZK proof by a sigma protocol that prove the well-formedness of the time-lock puzzle 𝑍 for which we assume straight-line extractability. More precisely, to prove that (𝑍 1 , 𝑍 2 ) = (𝐺 𝑟 ,𝜓 𝑞 (𝐻 𝑟 ) • 𝐹 𝑚 ) relatively to 𝐺 and 𝐻 for some 𝑟 and 𝑚, we can straightforwardly adapt the proof from [29] that a CL ciphertext is well formed to our fast variant, which allows a direct extraction of the message 𝑚. This reduce the size of the crs as we do not need to define G. Moreover, the size of 𝑐 shrinks a lot as we do not need to re-encrypt bit by bit the randomness 𝑟 .…”

Section: Experimental Evaluationmentioning

confidence: 99%

“…We recall the 2 𝜆 -low order assumption for class groups. Definition B.5 (𝛾-Low order assumption [30]). We say that the 𝛾-low order assumption holds for the class group generation CGGen for a given 𝛾 if there exists a negligible function negl, such that for all 𝜆 ∈ N, all PPT adversaries A the following holds:…”

Section: B Assumptionsmentioning

confidence: 99%

See 1 more Smart Citation

Efficient CCA Timed Commitments in Class Groups

Thyagarajan

Castagnos

Laguillaumie

et al. 2021

Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. L'archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d'enseignement et de recherche français ou étrangers, des laboratoires publics ou privés.

show abstract

“…As in [14], the solution is to use repeated GPS proofs [21] with binary challenges to get special soundness. More efficient techniques have been recently proposed in [15]. For the proofs that concern the group G coming from the IPFE setup, a standard Schnorr proof is sufficient.…”

Section: Efficient Blind Interactive Inner Product Fementioning

confidence: 99%

Blind Functional Encryption

Canard

Hamdi

Laguillaumie

2020

Information and Communications Security

Self Cite

View full text Add to dashboard Cite

Functional encryption (FE) gives the power to retain control of sensitive information and is particularly suitable in several practical real-world use cases. Using this primitive, anyone having a specific functional decryption key (derived from some master secret key) could only obtain the evaluation of an authorized function f over a message m, given its encryption. For many scenarios, the data owner is always different from the functionality owner, such that a classical implementation of functional encryption naturally implies an interactive key generation protocol between an entity owning the function f and another one managing the master secret key. We focus on this particular phase and consider the case where the function needs to be secret. In this paper, we introduce the new notion of blind functional encryption in which, during an interactive key generation protocol, the master secret key owner does not learn anything about the function f . Our new notion can be seen as a generalisation of the existing concepts of blind IBE/ABE. After a deep study of this new property and its relation with other security notions, we show how to obtain a generic blind FE from any non-blind FE, using homomorphic encryption and zero-knowledge proofs of knowledge. We finally illustrate such construction by giving an efficient instantiation in the case of the inner product functionality.

show abstract

Bandwidth-Efficient Threshold EC-DSA

Cited by 47 publications

References 41 publications

Improving security for users of decentralized exchanges through multiparty computation

Improving security for users of decentralized exchanges through multiparty computation

Efficient CCA Timed Commitments in Class Groups

Blind Functional Encryption

Contact Info

Product

Resources

About