Poster: Signer Discretion is Advised: On the Insecurity of Vitalik's Threshold Hash-based Signatures
Pages 3597 - 3599
Abstract
We show that the Lamport threshold signature scheme proposed by Vitalik Buterin is not existentially unforgeable under chosen message attacks (EU-CMA). In this work, we formalize the proposed threshold hash-based signature scheme, and show an attack that results in a 60-bit security reduction. Our attack completes in seconds in a setting with a single malicious adversary (the leader of a consensus round), thus contradicting the claim that even with 96 malicious colluding participants (out of a total of 256), an adversary can only make a signature for approximately 1 in 280 possible values. In summary, the original estimated security analysis of the proposed threshold signature scheme claimed security against an adversary in control of approximately a year of continuous work from the entire bitcoin network. Our attack, however, runs in seconds using a commodity laptop.
References
[1]
Vitalik Buterin. 2018. Threshold Lamport signatures can survive with much lower size by compromising on per-signature security level. https://ethresear.ch/t/threshold-lamport-signatures-can-survive-with-much-lower-size-by-compromising-on-per-signature-security-level/1737. Accessed: today.
[2]
David Chaum, Bernardo Cardoso, William Carter, Mario Yaksetig, and Baltasar Aroso. 2023. Phoenixx: Linear consensus with random sampling. Cryptology ePrint Archive, Paper 2023/14993. https://eprint.iacr.org/2023/14993
[3]
Justin Drake. 2018. Pragmatic signature aggregation with BLS. https://ethresear.ch/t/pragmatic-signature-aggregation-with-bls/2105. Accessed: today.
[4]
Leslie Lamport. 1979. Constructing Digital Signatures from a One Way Function. Technical Report. This paper was published by IEEE in the Proceedings of HICSS-43 in January, 2010.
[5]
Ralph C. Merkle. 1989. A Certified Digital Signature. In Proceedings on Advances in Cryptology (Santa Barbara, California, USA) (CRYPTO '89). Springer-Verlag, Berlin, Heidelberg, 218--238.
[6]
Maofan Yin, Dahlia Malkhi, Michael K. Reiter, Guy Golan Gueta, and Ittai Abraham. 2019. HotStuff: BFT Consensus with Linearity and Responsiveness. In Proceedings of the 2019 ACM Symposium on Principles of Distributed Computing (Toronto ON, Canada) (PODC '19). Association for Computing Machinery, New York, NY, USA, 347--356.
Index Terms
- Poster: Signer Discretion is Advised: On the Insecurity of Vitalik's Threshold Hash-based Signatures
Recommendations
Quantum-Access Security of Hash-Based Signature Schemes
Information Security and PrivacyAbstractIn post-quantum cryptography, hash-based signature schemes are attractive choices because of the weak assumptions. Most existing hash-based signature schemes are proven secure against post-quantum chosen message attacks (CMAs), where the ...
Hash-based signatures for the internet of things: position paper
CF '18: Proceedings of the 15th ACM International Conference on Computing FrontiersWhile numerous digital signature schemes exist in the literature, most real-world system rely on RSA-based signature schemes or on the digital signature algorithm (DSA), including its elliptic curve cryptography variant ECDSA.
In this position paper we ...
An Intermediate Secret-Guessing Attack on Hash-Based Signatures
Advances in Information and Computer SecurityAbstractDigital signature schemes form the basis of trust in Internet communication. Shor (FOCS 1994) proposed quantum algorithms that can be used by a quantum computer to break the security of today’s widely used digital signature schemes, and this has ...
Comments
Information & Contributors
Information
Published In
November 2023
3722 pages
ISBN:9798400700507
DOI:10.1145/3576915
- General Chairs:
- Weizhi Meng,
- Christian D. Jensen,
- Program Chairs:
- Cas Cremers,
- Engin Kirda
Copyright © 2023 Owner/Author.
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 21 November 2023
Check for updates
Author Tags
Qualifiers
- Poster
Conference
CCS '23
Sponsor:
CCS '23: ACM SIGSAC Conference on Computer and Communications Security
November 26 - 30, 2023
Copenhagen, Denmark
Acceptance Rates
Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
Upcoming Conference
CCS '25
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 111Total Downloads
- Downloads (Last 12 months)56
- Downloads (Last 6 weeks)2
Reflects downloads up to 05 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in