Top

Published in:

2021 | OriginalPaper | Chapter

\(\text{ W-OTS}^{+}\) Up My Sleeve! A Hidden Secure Fallback for Cryptocurrency Wallets

Authors : David Chaum, Mario Larangeira, Mario Yaksetig, William Carter

Published in: Applied Cryptography and Network Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

We introduce a new key generation mechanism where users can generate a “back up key”, securely nested inside the secret key of a signature scheme.

Our main motivation is that in case of leakage of the secret key, established techniques based on zero-knowledge proofs of knowledge are void since the key becomes public. On the other hand, the “back up key”, which is secret, can be used to generate a “proof of ownership”, i.e., only the real owner of this secret key can generate such a proof. To the best of our knowledge, this extra level of security is novel, and could have already been used in practice, if available, in digital wallets for cryptocurrencies that suffered massive leakage of account private keys. In this work, we formalize the notion of “Proof of Ownership” and “Fallback” as new properties. Then, we introduce our construction, which is compatible with major designs for wallets based on ECDSA, and adds a \(\text{ W-OTS}^{+}\) signing key as a “back up key”. Thus offering a quantum secure fallback. This design allows the hiding of any quantum secure signature key pair, and is not exclusive to \(\text{ W-OTS}^{+}\). Finally, we briefly discuss the construction of multiple generations of proofs of ownership.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter P2DEX: Privacy-Preserving Decentralized Cryptocurrency Exchange

next chapter Terrorist Attacks for Fake Exposure Notifications in Contact Tracing Systems

Available only for authorised users

We highlight the work of Banegas and Bernstein [3] that studies the existing overhead beyond the quantum queries and shows that even in a post-quantum setting, the collision-finding algorithms costs at least \(2^{n/2}\), even if it requires a smaller number of queries.

Arapinis, M., Gkaniatsou, A., Karakostas, D., Kiayias, A.: A formal treatment of hardware wallets. In: Goldberg, I., Moore, T. (eds.) FC 2019. LNCS, vol. 11598, pp. 426–445. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-32101-7_26CrossRef

Badertscher, C., Gazi, P., Kiayias, A., Russell, A., Zikas, V.: Ouroboros genesis: composable proof-of-stake blockchains with dynamic availability. In: David, L., Mohammad, M., Michael, B., XiaoFeng, W., (eds), ACM CCS 2018: 25th Conference on Computer and Communications Security, Toronto, ON, Canada, 15–19 October 2018, pp. 913–930. ACM Press (2018)

Banegas, G., Bernstein, D.J.: Low-communication parallel quantum multi-target preimage search. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 325–335. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-72565-9_16CrossRef

Bernstein, D.J., Hülsing, A.: Decisional second-preimage resistance: when does SPR imply PRE? In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11923, pp. 33–62. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34618-8_2CrossRef

Bernstein, D.J., Hülsing, A., Kölb, S., Niederhagen, R., Rijneveld, J., Schwabe, P.: The SPHINCS\(^+\) signature framework. In: Cavallaro et al. [9], pp. 2129–2146 (2019)

Mnemonic code for generating deterministic keys. https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki. Accessed 20 Jan 2020

Mnemonic code converter. https://iancoleman.io/bip39/. Accessed 20 Jan 2020

Study finds less than 40% of btc addresses are economically relevant. https://news.bitcoin.com/study-finds-less-than-40-of-btc-addresses-are-economically-relevant/. Accessed 18 Jan 2020

Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.): ACM CCS 2019: 26th Conference on Computer and Communications Security. ACM Press (2019)

10.

Dahmen, E., Okeya, K., Takagi, T., Vuillaume, C.: Digital signatures out of second-preimage resistant hash functions. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 109–123. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88403-3_8CrossRef

11.

Das, P., Faust, S., Loss, J.: A formal treatment of deterministic wallets. In: Cavallaro et al. [9], pp. 651–668 (2019)

12.

Ethereum unique addresses chart. https://etherscan.io/chart/address. Accessed 18 Sep 2020

13.

Implementation of wots up my sleeve. https://github.com/yaksetig/sleeve. Accessed 01 Apr 2021

14.

Golang implementation of the bip39 spec. https://godoc.org/github.com/tyler-smith/go-bip39. Accessed 20 Sep 2020

15.

Grover, L.K.: A fast quantum mechanical algorithm for database search. In: 28th Annual ACM Symposium on Theory of Computing, Philadephia, PA, USA, 22–24 May 1996, pp. 212–219. ACM Press (1996)

16.

Hülsing, A.: W-OTS+ – shorter signatures for hash-based signature schemes. In: Youssef et al. [27], pp. 173–188

17.

Hülsing, A., Rijneveld, J., Song, F.: Mitigating multi-target attacks in hash-based signatures. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 387–416. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_15CrossRef

18.

Hutter, M., Schwabe, P.: NaCl on 8-bit AVR microcontrollers. In: Youssef et al. [27], pp. 156–172

19.

Karakostas, D., Kiayias, A., Larangeira, M.: Account management in proof of stake ledgers. In: Galdi, C., Kolesnikov, V. (eds.) SCN 2020. LNCS, vol. 12238, pp. 3–23. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-57990-6_1CrossRef

20.

Lamport, L.: Constructing digital signatures from a one-way function. Technical Report SRI-CSL-98, SRI International Computer Science Laboratory (1979)

21.

Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_21CrossRef

22.

Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2009)

23.

Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)MathSciNetCrossRef

24.

Trinity attack incident part 1: Summary and next steps. https://blog.iota.org/trinity-attack-incident-part-1-summary-and-next-steps-8c7ccc4d81e8. Accessed 22 Sept 2020

25.

van Heyst, E., Pedersen, T.P.: How to make efficient fail-stop signatures. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 366–377. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-47555-9_30CrossRef

26.

Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum project yellow paper 151, 1–32 (2014)

27.

Youssef, A., Nitaj, A., Hassanien, A.E. (eds.): AFRICACRYPT 2013. LNCS, vol. 7918. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38553-7CrossRefMATH

Title: Up My Sleeve! A Hidden Secure Fallback for Cryptocurrency Wallets
Authors: David Chaum
Mario Larangeira
Mario Yaksetig
William Carter
Publisher: Springer International Publishing
Book: Applied Cryptography and Network Security
Print ISBN: 978-3-030-78371-6

Electronic ISBN: 978-3-030-78372-3

Copyright Year: 2021
DOI: https://doi.org/10.1007/978-3-030-78372-3_8

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner