
Short Paper: The Proof is in the Pudding

Proofs of Work for Solving Discrete Logarithms

Conference paper. Financial Cryptography and Data Security (FC 2019).

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11598)

Abstract

We propose a proof of work protocol that computes the discrete logarithm of an element in a cyclic group. Individual provers generating proofs of work perform a distributed version of the Pollard rho algorithm. Such a protocol could capture the computational power expended to construct proof-of-work-based blockchains for a more useful purpose, as well as incentivize advances in hardware, software, or algorithms for an important cryptographic problem. We describe our proposed construction and elaborate on challenges and potential trade-offs that arise in designing a practical proof of work.
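The abstract describes provers running a distributed Pollard rho walk whose partial results serve as proofs of work. The following Python block is an added toy simulation of that idea and is not code from the paper; it uses the classic van Oorschot-Wiener distinguished-point method with a Teske-style r-adding walk. All parameters are constructed for illustration: a multiplicative subgroup of order q = 509 in Z_1019^* with generator g = 4 stands in for the elliptic curve groups the paper targets, and the work-unit format (a distinguished point together with its exponent pair) is an assumption chosen to show why each submission is cheap to verify.

```python
import random

# Constructed toy parameters (not from the paper): p = 2q + 1 with q prime,
# and g generates the order-q subgroup of Z_p^*. Real targets use elliptic curves.
P = 1019
Q = 509
G = 4
R = 16            # number of precomputed multipliers in the r-adding walk
DP_MASK = 0b11    # a point is "distinguished" when its low 2 bits are zero (prob 1/4)
MAX_STEPS = 10_000  # abandon a walk that cycles without reaching a distinguished point


def make_multipliers(h, rng):
    """Public walk table: random elements M_i = g^{a_i} h^{b_i} with known exponents."""
    table = []
    for _ in range(R):
        a, b = rng.randrange(Q), rng.randrange(Q)
        table.append((pow(G, a, P) * pow(h, b, P) % P, a, b))
    return table


def walk_to_distinguished_point(h, table, rng):
    """One prover's work unit: start at a random point g^a h^b and apply the
    deterministic step y -> y * M_{y mod R} until a distinguished point is hit.
    Returns (dp, a, b, steps), or None if the walk cycled without finding one."""
    a, b = rng.randrange(Q), rng.randrange(Q)
    y = pow(G, a, P) * pow(h, b, P) % P
    for steps in range(1, MAX_STEPS + 1):
        m, ma, mb = table[y % R]
        y = y * m % P
        a = (a + ma) % Q
        b = (b + mb) % Q
        if y & DP_MASK == 0:
            return y, a, b, steps
    return None


def verify_work_unit(h, unit):
    """Verifier's check on a submitted (dp, a, b): dp must be distinguished and the
    exponents must reproduce it. Two exponentiations, independent of the walk length."""
    dp, a, b, _ = unit
    return dp & DP_MASK == 0 and pow(G, a, P) * pow(h, b, P) % P == dp


def solve_from_collision(h, u1, u2):
    """Two verified units on the same dp give g^{a1} h^{b1} = g^{a2} h^{b2},
    hence x = (a1 - a2) * (b2 - b1)^{-1} mod q when b1 != b2."""
    _, a1, b1, _ = u1
    _, a2, b2, _ = u2
    if b1 == b2:
        return None  # identical representation carries no information
    x = (a1 - a2) * pow((b2 - b1) % Q, -1, Q) % Q
    return x if pow(G, x, P) == h else None


def distributed_rho(h, seed=1):
    """Coordinator loop: accept verified distinguished points from independent walks
    (each could come from a different prover) until two collide, then recover log_g(h).
    Returns (x, total_steps_across_all_walks)."""
    rng = random.Random(seed)
    table = make_multipliers(h, rng)
    seen = {}
    total_steps = 0
    while True:
        unit = walk_to_distinguished_point(h, table, rng)
        if unit is None or not verify_work_unit(h, unit):
            continue  # rejected submissions earn nothing
        total_steps += unit[3]
        dp = unit[0]
        if dp in seen:
            x = solve_from_collision(h, seen[dp], unit)
            if x is not None:
                return x, total_steps
        seen[dp] = unit


if __name__ == "__main__":
    secret = 123  # constructed test instance
    h = pow(G, secret, P)
    x, steps = distributed_rho(h)
    print(f"log_{G}({h}) mod {Q} = {x} after {steps} total walk steps")
```

The design point worth noticing is the asymmetry: a prover spends an unpredictable number of group operations reaching a distinguished point, while the coordinator checks each submission with two exponentiations and stores only the distinguished points. Forged submissions fail verify_work_unit, and the discrete log falls out of the first pair of honest submissions that land on the same point.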


Notes

  1. Elliptic curve point multiplications take about \(2^{10}\) times longer than SHA-256 on modern CPUs.

  2. Extrapolated from peak daily hash rates at bitinfocharts.com.


Acknowledgement

Joseph Bonneau, Brett Hemenway, Michael Rudow, Terry Sun, and Luke Valenta contributed to early versions of this work. Nadia Heninger carried out this research while at the University of Pennsylvania. This work was supported by the National Science Foundation under grants no. CNS-1651344 and CNS-1513671 and by the Office of Naval Research under grant no. 568751.

Author information


Correspondence to Marcella Hastings.


Copyright information

© 2019 International Financial Cryptography Association

About this paper


Cite this paper

Hastings, M., Heninger, N., Wustrow, E. (2019). Short Paper: The Proof is in the Pudding. In: Goldberg, I., Moore, T. (eds) Financial Cryptography and Data Security. FC 2019. Lecture Notes in Computer Science, vol 11598. Springer, Cham. https://doi.org/10.1007/978-3-030-32101-7_24


  • DOI: https://doi.org/10.1007/978-3-030-32101-7_24


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-32100-0

  • Online ISBN: 978-3-030-32101-7
