
ZKAttest: Ring and Group Signatures for Existing ECDSA Keys

Conference paper in Selected Areas in Cryptography (SAC 2021)

Abstract

Cryptographic keys are increasingly stored in dedicated hardware or behind software interfaces that restrict how they may be used, for example by permitting only ECDSA signing. This makes such keys unusable in existing ring and group signature schemes, which assume that the signer can use the private key for other operations. We present a Σ-protocol that verifies an ECDSA or Schnorr signature on a message against a committed public key, without revealing the public key. We then show how this protocol, combined with Groth–Kohlweiss one-out-of-many membership proofs, yields ring signatures, and discuss other applications. The scheme has been implemented and the source code is freely available.


References

  1. Agrawal, S., Ganesh, C., Mohassel, P.: Non-interactive zero-knowledge proofs for composite statements. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 643–673. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_22

  2. von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: CAPTCHA: using hard AI problems for security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_18

  3. Balfanz, D., et al.: FIDO UAF protocol specification v1.0. FIDO Alliance standard, FIDO (December 2014). https://fidoalliance.org/specs/fido-uaf-v1.0-ps-20141208/fido-uaf-protocol-v1.0-ps-20141208.html

  4. Bayer, S., Groth, J.: Zero-knowledge argument for polynomial evaluation with application to blacklists. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 646–663. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_38

  5. Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39200-9_38

  6. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Denning, D.E., Pyle, R., Ganesan, R., Sandhu, R.S., Ashby, V. (eds.) CCS 1993, Proceedings of the 1st ACM Conference on Computer and Communications Security, Fairfax, Virginia, USA, 3–5 November 1993, pp. 62–73. ACM (1993). https://doi.org/10.1145/168588.168596

  7. Benarroch, D., Campanelli, M., Fiore, D., Kolonelos, D.: Zero-knowledge proofs for set membership: efficient, succinct, modular. Cryptology ePrint Archive, Report 2019/1255 (October 2019). https://eprint.iacr.org/2019/1255

  8. Bender, A., Katz, J., Morselli, R.: Ring signatures: stronger definitions, and constructions without random oracles. J. Cryptol. 22(1), 114–138 (2007). https://doi.org/10.1007/s00145-007-9011-9

  9. Bernhard, D., Pereira, O., Warinschi, B.: How not to prove yourself: pitfalls of the Fiat–Shamir heuristic and applications to Helios. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 626–643. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_38

  10. Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.Y.: High-speed high-security signatures. J. Cryptogr. Eng. 2(2), 77–89 (2012). https://doi.org/10.1007/s13389-012-0027-1

  11. Bröker, R.: Constructing Elliptic Curves of Prescribed Order. Ph.D. thesis, Leiden (2006)

  12. Camenisch, J.: Group signature schemes and payment systems based on the discrete logarithm problem. Ph.D. thesis, ETH Zurich (1998)

  13. Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_7

  14. Camenisch, J., Michels, M.: Proving in zero-knowledge that a number is the product of two safe primes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 107–122. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_8

  15. Chase, M., Lysyanskaya, A.: On signatures of knowledge. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 78–96. Springer, Heidelberg (2006). https://doi.org/10.1007/11818175_5

  16. Damgård, I.: On Σ-protocols (2010). https://www.cs.au.dk/~ivan/Sigma.pdf

  17. ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_2

  18. Faz-Hernández, A., Scott, S., Sullivan, N., Wahby, R.S., Wood, C.A.: Hashing to elliptic curves. Internet-Draft, Internet Engineering Task Force (April 2021), work in progress. https://datatracker.ietf.org/doc/draft-irtf-cfrg-hash-to-curve/

  19. Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 305–326. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_11

  20. Groth, J., Kohlweiss, M.: One-out-of-many proofs: or how to leak a secret and spend a coin. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 253–280. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_9

  21. Hodges, J., Jones, J., Jones, M.B., Kumar, A., Lundberg, E.: Web Authentication: An API for accessing Public Key Credentials - Level 2. W3C recommendation, W3C (April 2021). https://www.w3.org/TR/webauthn-2

  22. Hopwood, D., Bowe, S., Hornby, T., Wilcox, N.: Zcash protocol specification (August 2021). https://zips.z.cash/protocol/protocol.pdf

  23. Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001). https://doi.org/10.1007/s102070100002

  24. MDN contributors: BigInt (2021). https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/BigInt

  25. National Institute of Standards and Technology: FIPS 186-2: Digital Signature Standard (DSS). Federal Information Processing Standards Publication (January 2000). https://csrc.nist.gov/CSRC/media/Publications/fips/186/2/archive/2000-01-27/documents/fips186-2.pdf

  26. Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_9

  27. Renes, J., Costello, C., Batina, L.: Complete addition formulas for prime order elliptic curves. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 403–428. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_16

  28. Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45682-1_32

  29. Silverman, J.H.: The Geometry of Elliptic Curves. In: The Arithmetic of Elliptic Curves. GTM, vol. 106, pp. 41–114. Springer, New York (2009). https://doi.org/10.1007/978-0-387-09494-6_3

  30. Solinas, J.A.: Generalized Mersenne Numbers. Technical report, Centre for Applied Cryptographic Research, University of Waterloo (June 1999). https://cacr.uwaterloo.ca/techreports/1999/corr99-39.pdf

  31. Standards for Efficient Cryptography Group: SEC 2: Recommended Elliptic Curve Domain Parameters. Standards for Efficient Cryptography (SEC) (September 2000). https://www.secg.org/sec2-v1.pdf

  32. The PARI Group, Univ. Bordeaux: PARI/GP version 2.13.0 (2019). http://pari.math.u-bordeaux.fr/

Acknowledgements

We would like to thank SAC reviewers for providing feedback that helped us to improve the article. We also want to thank Alex Davidson for thoughtful discussions during the early stages of this work.

Author information

Corresponding author: Watson Ladd

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Faz-Hernández, A., Ladd, W., Maram, D. (2022). ZKAttest: Ring and Group Signatures for Existing ECDSA Keys. In: AlTawy, R., Hülsing, A. (eds) Selected Areas in Cryptography. SAC 2021. Lecture Notes in Computer Science, vol 13203. Springer, Cham. https://doi.org/10.1007/978-3-030-99277-4_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-99277-4_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-99276-7

  • Online ISBN: 978-3-030-99277-4

  • eBook Packages: Computer Science; Computer Science (R0)
