DOI: 10.1145/3372297.3417263 (ACM CCS conference proceedings, research article)

Verifiable Timed Signatures Made Practical

ABSTRACT

A verifiable timed signature (VTS) scheme allows one to time-lock a signature on a known message for a given amount of time T such that after performing a sequential computation for time T anyone can extract the signature from the time-lock. Verifiability ensures that anyone can publicly check if a time-lock contains a valid signature on the message without solving it first, and that the signature can be obtained by solving the same for time T.

This work formalizes VTS, presents efficient constructions compatible with BLS, Schnorr, and ECDSA signatures, and experimentally demonstrates that these constructions can be employed in practice. On a technical level, we design an efficient cut-and-choose protocol based on homomorphic time-lock puzzles to prove the validity of a signature encapsulated in a time-lock puzzle. We also present a new efficient range proof protocol that significantly improves upon existing proposals in terms of proof size, and is also of independent interest.
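
The following is an added illustration, not code from the paper or its project page, of how the ingredients named above fit together for a Schnorr signature: the signature scalar s is Shamir-shared, the sharing polynomial is committed to in the exponent (Feldman style, with the constant term A_0 = R * y^e fixed by the Schnorr verification equation itself), every share is placed in a linearly homomorphic time-lock puzzle of the kind the abstract refers to (the Malavolta and Thyagarajan construction, u = g^r mod N, v = h^(rN) (1+N)^s mod N^2 with h = g^(2^T)), and the verifier runs a cut-and-choose by opening t-1 puzzles, which reveal nothing about s. Whoever later force-opens the remaining puzzles by sequential squaring checks each recovered share against its commitment, so a signer who wants force-opening to fail must corrupt every unopened puzzle and is caught unless the verifier's random choice happens to be exactly the honest set (probability about 1/C(n, t-1)). The group order, RSA modulus, base element and the parameters n, t, T are toy assumptions chosen to run in well under a second; the paper's parameter choices, its use of the puzzle homomorphism and its range proof are not reproduced here.

```python
"""Toy verifiable timed signature (VTS) for Schnorr: added example, not the paper's
code. Ingredients: Schnorr signature, Shamir sharing of s, Feldman commitments to the
sharing polynomial, Malavolta-Thyagarajan-style linearly homomorphic time-lock puzzles
(u = g^r mod N, v = h^(rN)(1+N)^s mod N^2, h = g^(2^T)) and a cut-and-choose opening.
All parameters are toy values (assumption: NOT secure)."""
import hashlib
import secrets
from math import prod

P, Q, G = 1019, 509, 4   # toy Schnorr group: P = 2Q+1, G has order Q (assumption)
RNG = secrets.SystemRandom()

def schnorr_challenge(R, msg):
    return int.from_bytes(hashlib.sha256(R.to_bytes(2, "big") + msg).digest(), "big") % Q
def keygen():
    x = RNG.randrange(1, Q)
    return x, pow(G, x, P)
def schnorr_sign(x, msg):
    k = RNG.randrange(1, Q)
    R = pow(G, k, P)
    return R, (k + schnorr_challenge(R, msg) * x) % Q
def schnorr_verify(y, msg, R, s):
    return pow(G, s, P) == R * pow(y, schnorr_challenge(R, msg), P) % P

def tlp_setup(T, p1=10007, q1=10009):
    """Trusted setup: h = g^(2^T) mod N, computed once with the trapdoor phi(N)."""
    N = p1 * q1
    return {"N": N, "g": 4, "T": T, "h": pow(4, pow(2, T, (p1 - 1) * (q1 - 1)), N)}

def tlp_gen(pp, s, r=None):
    """Puzzle hiding a small integer s; the opening (s, r) lets anyone recompute it."""
    N = pp["N"]; N2 = N * N
    r = RNG.randrange(1, N2) if r is None else r
    return (pow(pp["g"], r, N), pow(pp["h"], r * N, N2) * pow(1 + N, s, N2) % N2), r

def tlp_solve(pp, puzzle):
    """Recover s by T sequential squarings (no trapdoor): w = u^(2^T) = h^r mod N."""
    N = pp["N"]; N2 = N * N; w, v = puzzle
    for _ in range(pp["T"]):
        w = w * w % N
    return (v * pow(pow(w, N, N2), -1, N2) % N2 - 1) // N

def vts_commit(pp, msg, R, s, n, t):
    """Signer: share s with a random degree-(t-1) polynomial f (f(0) = s), publish
    A_j = G^a_j for j >= 1 (A_0 = G^s is public anyway) and time-lock every f(i)."""
    coeffs = [s] + [RNG.randrange(Q) for _ in range(t - 1)]
    shares = {i: sum(c * pow(i, j, Q) for j, c in enumerate(coeffs)) % Q for i in range(1, n + 1)}
    puzzles, rands = {}, {}
    for i, si in shares.items():
        puzzles[i], rands[i] = tlp_gen(pp, si)
    pub = {"R": R, "msg": msg, "A": [pow(G, c, P) for c in coeffs[1:]],
           "puzzles": puzzles, "n": n, "t": t}
    return pub, {"shares": shares, "rands": rands}

def share_commitment(y, pub, i):
    """G^f(i) from public data only: A_0 = R * y^e (the Schnorr relation), then A_1, ..."""
    A0 = pub["R"] * pow(y, schnorr_challenge(pub["R"], pub["msg"]), P) % P
    return prod(pow(a, pow(i, j, Q), P) for j, a in enumerate([A0] + pub["A"])) % P

def vts_verify(pp, y, pub, priv, chosen=None):
    """Verifier: open t-1 random puzzles (t-1 shares leak nothing about s) and check
    each opened share against its puzzle and its polynomial commitment."""
    chosen = chosen or RNG.sample(range(1, pub["n"] + 1), pub["t"] - 1)
    opened = {}
    for i in chosen:
        si, ri = priv["shares"][i], priv["rands"][i]          # the signer's opening
        if tlp_gen(pp, si, ri)[0] != pub["puzzles"][i] or pow(G, si, P) != share_commitment(y, pub, i):
            return False, opened
        opened[i] = si
    return True, opened

def lagrange_zero(points):
    """f(0) over Z_Q from t points (i, f(i))."""
    s = 0
    for i, si in points:
        num = den = 1
        for j, _ in points:
            if j != i:
                num, den = num * -j % Q, den * (i - j) % Q
        s = (s + si * num * pow(den, -1, Q)) % Q
    return s

def vts_force_open(pp, y, pub, opened):
    """Anyone: solve unopened puzzles until t shares pass the commitment check
    (a puzzle holding a wrong share is detected and skipped), then interpolate s."""
    good = dict(opened)
    for i in range(1, pub["n"] + 1):
        if len(good) >= pub["t"]:
            break
        if i not in good:
            si = tlp_solve(pp, pub["puzzles"][i])
            if pow(G, si, P) == share_commitment(y, pub, i):
                good[i] = si
    return lagrange_zero(list(good.items())[:pub["t"]]) if len(good) >= pub["t"] else None

def demo(n=12, t=4, T=2000, msg=b"tx: pay 1 coin to bob"):   # constructed sample input
    pp = tlp_setup(T)
    x, y = keygen()
    R, s = schnorr_sign(x, msg)
    pub, priv = vts_commit(pp, msg, R, s, n, t)
    ok, opened = vts_verify(pp, y, pub, priv)          # cut-and-choose, no solving
    s_rec = vts_force_open(pp, y, pub, opened)         # T squarings per solved puzzle
    return ok, s_rec == s and schnorr_verify(y, msg, R, s_rec)
```

Calling demo() returns (True, True): the verifier accepted without solving anything, and the force-opener recovered (R, s) that passes ordinary Schnorr verification. The two checks in vts_verify are the ones that matter in practice: the opened (s_i, r_i) must regenerate exactly the published puzzle, which rules out a signer who opens a different value than the one locked, and G^s_i must equal the commitment derived from R, y and the message, which ties every share to the signature actually being time-locked rather than to some other scalar.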

While VTS is a versatile tool with numerous existing applications, we demonstrate VTS's applicability to resolve three novel challenging issues in the space of cryptocurrencies. Specifically, we show how VTS is the cryptographic cornerstone to construct: (i) payment channel networks with improved on-chain unlinkability of users involved in a transaction, (ii) multi-party signing of transactions for cryptocurrencies without any on-chain notion of time, and (iii) cryptocurrency-enabled fair multi-party computation protocols.


Supplemental Material

Presentation video: Copy of CCS2020_fp230_SriAravindaKrishnanThyagarajan - Brian Hollendyke.mov
