Abstract
We propose a proof of work protocol that computes the discrete logarithm of an element in a cyclic group. Individual provers generating proofs of work perform a distributed version of the Pollard rho algorithm. Such a protocol could capture the computational power expended to construct proof-of-work-based blockchains for a more useful purpose, as well as incentivize advances in hardware, software, or algorithms for an important cryptographic problem. We describe our proposed construction and elaborate on challenges and potential trade-offs that arise in designing a practical proof of work.
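As an added illustration, not code from the paper: a toy distinguished-point parallel Pollard rho (in the van Oorschot–Wiener style) in which independent provers each run the same random walk and report only distinguished points, and a collector solves the discrete log once two reports collide. The group (a safe-prime subgroup of order 509), the walk parameters and the `verify_report` check are constructed assumptions, not the paper's actual protocol.

```python
import random

# Constructed toy group: safe prime P = 2Q + 1 with Q prime; G = 4 is a quadratic
# residue, so it generates the subgroup of prime order Q. A real deployment would
# use an elliptic-curve group; the walk and collision logic are the same.
P, Q, G = 1019, 509, 4
R, DP_BITS = 16, 3          # r-adding walk with R multipliers; DP = low DP_BITS bits zero

def make_walk(h, rng):
    """Shared walk definition: multiplier M_j = G^a_j * h^b_j, selected by y mod R."""
    mults = []
    for _ in range(R):
        a, b = rng.randrange(Q), rng.randrange(Q)
        mults.append((pow(G, a, P) * pow(h, b, P) % P, a, b))
    return mults

def prover_walk(h, mults, rng, max_steps=40 << DP_BITS):
    """One prover: start at a random G^a h^b and iterate until a distinguished
    point, then report (y, a, b). Returns None if the walk cycles without one."""
    a, b = rng.randrange(Q), rng.randrange(Q)
    y = pow(G, a, P) * pow(h, b, P) % P
    for _ in range(max_steps):
        if y & ((1 << DP_BITS) - 1) == 0:
            return y, a, b
        m, ma, mb = mults[y % R]
        y, a, b = y * m % P, (a + ma) % Q, (b + mb) % Q
    return None

def verify_report(h, y, a, b):
    """Collector-side check (assumed, not the paper's): the reported point is
    distinguished and the claimed exponents really reproduce it."""
    return y & ((1 << DP_BITS) - 1) == 0 and pow(G, a, P) * pow(h, b, P) % P == y

def distributed_rho(h, seed=1):
    """Gather reports from provers until two walks hit the same distinguished point
    with different h-exponents, then solve G^x = h for x."""
    rng = random.Random(seed)
    mults = make_walk(h, rng)
    seen = {}                               # distinguished point -> (a, b)
    while True:
        rep = prover_walk(h, mults, rng)
        if rep is None or not verify_report(h, *rep):
            continue
        y, a, b = rep
        if y in seen and seen[y][1] != b:
            a2, b2 = seen[y]
            # G^a h^b = G^a2 h^b2  =>  x = (a2 - a) / (b - b2) mod Q
            return (a2 - a) * pow((b - b2) % Q, -1, Q) % Q
        seen.setdefault(y, (a, b))
```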
Notes
1. Elliptic curve point multiplications take about \(2^{10}\) times longer than SHA-256 on modern CPUs.
2. Extrapolated from peak daily hash rates at bitinfocharts.com.
Acknowledgement
Joseph Bonneau, Brett Hemenway, Michael Rudow, Terry Sun, and Luke Valenta contributed to early versions of this work. Nadia Heninger carried out this research while at the University of Pennsylvania. This work was supported by the National Science Foundation under grants no. CNS-1651344 and CNS-1513671 and by the Office of Naval Research under grant no. 568751.
© 2019 International Financial Cryptography Association
Cite this paper
Hastings, M., Heninger, N., Wustrow, E. (2019). Short Paper: The Proof is in the Pudding. In: Goldberg, I., Moore, T. (eds) Financial Cryptography and Data Security. FC 2019. Lecture Notes in Computer Science(), vol 11598. Springer, Cham. https://doi.org/10.1007/978-3-030-32101-7_24
DOI: https://doi.org/10.1007/978-3-030-32101-7_24
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-32100-0
Online ISBN: 978-3-030-32101-7
eBook Packages: Computer Science (R0)