Top

Published in:

2021 | OriginalPaper | Chapter

Two-Party Adaptor Signatures from Identification Schemes

Authors : Andreas Erwig, Sebastian Faust, Kristina Hostáková, Monosij Maitra, Siavash Riahi

Published in: Public-Key Cryptography – PKC 2021

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Adaptor signatures are a novel cryptographic primitive with important applications for cryptocurrencies. They have been used to construct second layer solutions such as payment channels or cross-currency swaps. The basic idea of an adaptor signature scheme is to tie the signing process to the revelation of a secret value in the sense that, much like a regular signature scheme, an adaptor signature scheme can authenticate messages, but simultaneously leaks a secret to certain parties. Recently, Aumayr et al. provide the first formalization of adaptor signature schemes, and present provably secure constructions from ECDSA and Schnorr signatures. Unfortunately, the formalization and constructions given in this work have two limitations: (1) current schemes are limited to ECDSA and Schnorr signatures, and no generic transformation for constructing adaptor signatures is known; (2) they do not offer support for aggregated two-party signing, which can significantly reduce the blockchain footprint in applications of adaptor signatures.

In this work, we address these two shortcomings. First, we show that signature schemes that are constructed from identification (ID) schemes, which additionally satisfy certain homomorphic properties, can generically be transformed into adaptor signature schemes. We further provide an impossibility result which proves that unique signature schemes (e.g., the BLS scheme) cannot be transformed into an adaptor signature scheme. In addition, we define two-party adaptor signature schemes with aggregatable public keys and show how to instantiate them via a generic transformation from ID-based signature schemes. Finally, we give instantiations of our generic transformations for the Schnorr, Katz-Wang and Guillou-Quisquater signature schemes.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Rate-1 Key-Dependent Message Security via Reusable Homomorphic Extractor Against Correlated-Source Attacks

next chapter Compact Zero-Knowledge Proofs for Threshold ECDSA with Trustless Setup

Using techniques from [16, 20] it is possible to obtain NIZKs which allow for witness extraction without rewinding.

Abdalla, M., et al.: Tighter reductions for forward-secure signature schemes. In: PKC 2013 (2013)

Aumayr, L., et al.: Generalized bitcoin-compatible channels. Cryptology ePrint Archive, Report 2020/476. https://eprint.iacr.org/2020/476.pdf (2020)

Bellare, M., Neven, G.: Multi-signatures in the plain public-Key model and a general forking lemma. In: ACM CCS 2006 (2006)

Bellare, M., Shoup, S.: Two-tier signatures, strongly unforgeable signatures, and Fiat-Shamir without random oracles. In: PKC 2007 (2007)

Bitcoin Scripts. https://en.bitcoin.it/wiki/Script#Crypto

Bitcoin Wiki: Payment Channels. https://en.bitcoin.it/wiki/Payment_channels

Boldyreva, A.: Threshold signatures, multisignatures and blind signatures based on the Gap-Diffie-Hellman-group signature scheme. In: P-KC 2003 (2003)

Boneh, D., et al.: Compact multi-signatures for smaller blockchains. In: ASIACRYPT 2018, Part II (2018)

Boneh, D., et al.: Short signatures from the weil pairing. In: ASIACRYP- T 2001 (2001)

10.

Decker, C., Wattenhofer, R.: A fast and scalable payment network with bitcoin duplex micropayment channels. In: Stabilization, Safety, and Security of Distributed Systems 2015 (2015)

11.

Deshpande, A., Herlihy, M.: Privacy-preserving cross-chain atomic swaps. In: FC 2020 (2020)

12.

Drijvers, M., et al.: On the security of two-round multi-signatures. In: 2019 IEEE Symposium on Security and Privacy (2019)

13.

Eckey, L., et al.: Splitting payments locally while routing interdimensionally. Cryptology ePrint Archive, Report 2020/555. https://eprint.iacr.org/2020/555 (2020)

14.

Erwig, A., et al.: Two-party adaptor signatures from identification schemes. Cryptology ePrint Archive, Report 2021/150. https://eprint.iacr.org/2021/150 (2021)

15.

Esgin, M.F., et al.: Post-quantum adaptor signatures and payment channel networks. In: ESORICS 2020 (2020)

16.

Fischlin, M.: Communication-efficient non-interactive proofs of knowledge with online extractors. In: CRYPTO 2005 (2005)

17.

Fournier, L.: One-time verifiably encrypted signatures A.K.A. Adaptor Signatures. https://github.com/LLFourn/one-time-VES/blob/master/main.pdf (2019)

18.

Gennaro, R., et al.: Threshold-optimal DSA/ECDSA signatures and an application to bitcoin wallet security. In: ACNS 16 (2016)

19.

Goldwasser, S., Ostrovsky, R.: Invariant signatures and non-interactive zero-knowledge proofs are equivalent. In: Annual International Cryptology Conference. Springer (1992)

20.

Groth, J., et al.: Perfect non-interactive zero knowledge for NP In: EU- ROCRYPT 2006 (2006)

21.

Gugger, J.: Bitcoin-monero cross-chain atomic swap. Cryptology ePrint Archive, Report 2020/1126. https://eprint.iacr.org/2020/1126 (2020)

22.

Guillou, L.C., Quisquater, J.-J.: A “Paradoxical” indentity-based signature scheme resulting from zero-knowledge. In: CRYPTO’88 (1990)

23.

Hardjono, T., Zheng, Y.: A practical digital multisignature scheme based on discrete logarithms (extended abstract). In: Advances in Cryp- tology – AUSCRYPT’92 (1993)

24.

Katz, J., Wang, N.: Efficiency improvements for signature schemes with tight security reductions. In: ACM CCS 2003 (2003)

25.

Kiltz, E., et al.: Optimal security proofs for signatures from identification schemes. In: CRYPTO 2016, Part II (2016)

26.

Le, D.-P., et al.: DDH-based multisignatures with public key aggregation. Cryptology ePrint Archive, Report 2019/771. https://eprint.iacr.org/2019/771 (2019)

27.

Lindell, Y.: Fast secure two-party ECDSA signing. In: CRYPTO 2017, Part II (2017)

28.

Lu, S., et al.: Sequential aggregate signatures and multisignatures without random oracles. In: EUROCRYPT 2006 (2006)

29.

Lysyanskaya, A.: Unique signatures and verifiable random functions from the DH-DDH separation. In: Annual International Cryptology Conference. Springer (2002)

30.

Malavolta, G., et al.: Anonymous multi-hop locks for blockchain scalability and interoperability. In: NDSS 2019 (2019)

31.

Maxwell, G., et al.: Simple Schnorr multi-signatures with applications to Bitcoin. In: Designs, Codes and Cryptography 2019 (2019)

32.

Micali, S., et al.: Verifiable random functions. In: 40th FOCS (1999)

33.

Miller, A., et al.: Sprites and state channels: payment networks that go faster than lightning. In: FC 2019 (2019)

34.

Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. http://bitcoin.org/bitcoin.pdf (2009)

35.

Ohta, K., Okamoto, T.: A digital multisignature scheme based on the Fiat-Shamir scheme. In: Advances in Cryptology – ASIACRYPT’91 (1993)

36.

Okamoto, T.: A digital multisignature scheme using bijective public-key cryptosystems. ACM Trans. Comput. Syst. 4 (1988)

37.

Poelstra, A.: Scriptless scripts. https://download.wpsoftware.net/bitcoin/wizardry/mw-slides/2017-03-mit-bitcoin-expo/slides.pdf (2017)

38.

Poon, J., Dryja, T.: The bitcoin lightning network: scalable O-chain instant payments. https://lightning.network/lightning-network-paper.pdf (2016)

39.

Rivest, R.L., et al.: How to leak a secret. In: ASIACRYPT 2001 (2001)

40.

van Saberhagen, N.: CryptoNote v 2.0. https://bytecoin.org/old/whitepaper.pdf

41.

Schnorr, C.-P.: Efficient signature generation by smart cards. J. Cryptol. 3 (1991)

42.

Shen, S.-T., et al.: Unique signature with short output from CDH assumption. In: International Conference on Provable Security. Springer (2015)

43.

Tairi, E., et al.: A\({^2}\)L: anonymous atomic locks for scalability in payment channel hubs. Cryptology ePrint Archive, Report 2019/589. https://eprint.iacr.org/2019/589 (2019)

44.

Tairi, E., et al.: Post-quantum adaptor signature for privacy-preserving O-chain payments. FC (to appear, 2021). https://eprint.iacr.org/2020/1345

Title: Two-Party Adaptor Signatures from Identification Schemes
Authors: Andreas Erwig
Sebastian Faust
Kristina Hostáková
Monosij Maitra
Siavash Riahi
Publisher: Springer International Publishing
Book: Public-Key Cryptography – PKC 2021
Print ISBN: 978-3-030-75244-6

Electronic ISBN: 978-3-030-75245-3

Copyright Year: 2021
DOI: https://doi.org/10.1007/978-3-030-75245-3_17

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner