Abstract
The \(\mathcal {S}_{\text{ leeve }}\) construction proposed by Chaum et al. (ACNS’21) introduces an extra security layer for digital wallets by allowing users to generate a “backup key” securely nested inside the secret key of a signature scheme, i.e., ECDSA. The “backup key”, which is secret, can be used to issue a “proof of ownership”: only the real owner of this secret key can generate a single proof, which is based on the WOTS+ signature scheme. The authors of \(\mathcal {S}_{\text{ leeve }}\) proposed the formal technique for a single proof of ownership, and only informally outlined a construction that generalizes it to multiple proofs. This work identifies that their proposed construction presents drawbacks, i.e., varying signature size and signing/verifying computational complexity, the limitations of a linear construction, etc. Therefore we introduce WOTSwana, a generalization of \(\mathcal {S}_{\text{ leeve }}\), which is, more concretely, a more general scheme, i.e., an extra security layer that generates multiple proofs of ownership, and put forth a thorough formalization of two constructions: (1) one given by a linear concatenation of numerous WOTS+ private/public keys, and (2) a construction based on a tree-like structure, i.e., an underlying Merkle tree whose leaves are WOTS+ private/public key pairs. Furthermore, we present the security analysis for multiple proofs of ownership, showing that this work addresses the aforementioned drawbacks of the original construction. In particular, we extend the original security definition for \(\mathcal {S}_{\text{ leeve }}\). Finally, we illustrate an alternative application of our construction by discussing the creation of an encrypted group chat messaging application.
This work was supported by JSPS KAKENHI Grant Number JP21K11882.
References
Aranha, D.F., Novaes, F.R., Takahashi, A., Tibouchi, M., Yarom, Y.: LadderLeak: breaking ECDSA with less than one bit of nonce leakage. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, CCS 2020, New York, NY, USA, pp. 225–242. Association for Computing Machinery (2020)
Badertscher, C., Gazi, P., Kiayias, A., Russell, A., Zikas, V.: Ouroboros Genesis: composable proof-of-stake blockchains with dynamic availability. In: Lie, D., Mannan, M., Backes, M., Wang, X.F. (eds.) ACM CCS 2018: 25th Conference on Computer and Communications Security, Toronto, ON, Canada, October 15–19, pp. 913–930. ACM Press (2018)
Bernstein, D.J., Hülsing, A., Kölbl, S., Niederhagen, R., Rijneveld, J., Schwabe, P.: The SPHINCS\(^+\) signature framework. In: Cavallaro, L., Kinder, J., Wang, X.F., Katz, J. (eds.), ACM CCS 2019: 26th Conference on Computer and Communications Security, 11–15 November 2019, pp. 2129–2146. ACM Press (2019)
Bhargavan, K., Blanchet, B., Kobeissi, N.: Verified models and reference implementations for the TLS 1.3 standard candidate. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 483–502 (2017)
Buchmann, J., Dahmen, E., Hülsing, A.: XMSS - a practical forward secure signature scheme based on minimal security assumptions. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 117–129. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25405-5_8
Chaum, D., Larangeira, M., Yaksetig, M.: Tweakable sleeve: a novel sleeve construction based on tweakable hash functions. In: The 3rd International Conference on Mathematical Research for Blockchain Economy (MARBLE) (2022)
Chaum, D., Larangeira, M., Yaksetig, M., Carter, W.: WOTS+ up my sleeve! A hidden secure fallback for cryptocurrency wallets. In: International Conference on Applied Cryptography and Network Security, pp. 195–219. Springer (2021)
Chen, L.: Recommendation for key derivation using pseudorandom functions – revision 1. NIST Special Publication (2021). Accessed 20 Feb 2022
Courtois, N.T., Emirdag, P., Valsorda, F.: Private key recovery combination attacks: on extreme fragility of popular bitcoin key management, wallet and cold storage solutions in presence of poor RNG events. Cryptology ePrint Archive, Report 2014/848 (2014). http://eprint.iacr.org/2014/848
Dahmen, E., Okeya, K., Takagi, T., Vuillaume, C.: Digital signatures out of second-preimage resistant hash functions. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 109–123. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88403-3_8
Das, P., Faust, S., Loss, J.: A formal treatment of deterministic wallets. In: Cavallaro, L., Kinder, J., Wang, X.F., Katz, J. (eds.) ACM CCS 2019: 26th Conference on Computer and Communications Security, 11–15 November 2019, pp. 651–668. ACM Press (2019)
David, B., Gaži, P., Kiayias, A., Russell, A.: Ouroboros Praos: an adaptively-secure, semi-synchronous proof-of-stake blockchain. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 66–98. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_3
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)
Fan, C.-I., Tseng, Y.-F., Su, H.-P., Hsu, R.-H., Kikuchi, H.: Secure hierarchical bitcoin wallet scheme against privilege escalation attacks. Int. J. Inf. Secur. 19, 245–255 (2019)
Hülsing, A.: W-OTS+ – shorter signatures for hash-based signature schemes. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 173–188. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38553-7_10
Kiayias, A., Russell, A., David, B., Oliynykov, R.: Ouroboros: a provably secure proof-of-stake blockchain protocol. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 357–388. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_12
Kobeissi, N.: Verifpal: Cryptographic Protocol Analysis for Students and Engineers (2021). https://verifpal.com. Accessed 05 Mar 2022
Kobeissi, N., Bhargavan, K., Blanchet, B.: Automated verification for secure messaging protocols and their implementations: a symbolic and computational approach. In: 2017 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 435–450 (2017)
Kobeissi, N., Nicolas, G., Tiwari, M.: Verifpal: cryptographic protocol analysis for the real world. In: Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop, CCSW 2020, New York, NY, USA, p. 159. Association for Computing Machinery (2020)
Krawczyk, H.: Cryptographic extraction and key derivation: the HKDF scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631–648. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_34
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2009)
Specter, M.A., Park, S., Green, M.: KeyForge: non-attributable email from forward-forgeable signatures. In: Bailey, M., Greenstadt, R. (eds.) 30th USENIX Security Symposium, USENIX Security 2021, August 11–13, 2021, pp. 1755–1773. USENIX Association (2021)
Trinity attack incident part 1: Summary and next steps. https://blog.iota.org/trinity-attack-incident-part-1-summary-and-next-steps-8c7ccc4d81e8. Accessed 22 Sept 2020
Wood, G.: Ethereum: A secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151, 1–32 (2014)
xx network: WOTSwana Verifpal model. https://github.com/xx-labs/wotswana
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Chaum, D., Larangeira, M., Yaksetig, M. (2023). WOTSwana: A Generalized \(\mathcal {S}_{\text{ leeve }}\) Construction for Multiple Proofs of Ownership. In: Seo, S.H., Seo, H. (eds.) Information Security and Cryptology – ICISC 2022. Lecture Notes in Computer Science, vol. 13849. Springer, Cham. https://doi.org/10.1007/978-3-031-29371-9_24
DOI: https://doi.org/10.1007/978-3-031-29371-9_24
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-29370-2
Online ISBN: 978-3-031-29371-9
eBook Packages: Computer Science, Computer Science (R0)