Advertisement

Two-Factor Authentication for the Bitcoin Protocol

  • Christopher Mann
  • Daniel LoebenbergerEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9331)

Abstract

We show how to realize two-factor authentication for a Bitcoin wallet. To do so, we explain how to employ an ECDSA adaption of the two-party signature protocol by MacKenzie and Reiter (2004) in the context of Bitcoin and present a prototypic implementation of a Bitcoin wallet that offers both: two-factor authentication and verification over a separate channel. Since we use a smart phone as the second authentication factor, our solution can be used with hardware already available to most users and the user experience is quite similar to the existing online banking authentication methods.

Keywords

Signature Scheme Commitment Scheme Cipher Text Online Banking Threshold Signature Scheme 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Notes

Acknowledgements

We would like to thank Michael Nüsken for various useful comments and Mike Hearn for greatly improving the performance of a first version of the prototype by suggesting a bouncy castle version with optimized arithmetic on the curve secp256k1. This work was funded by the B-IT foundation and the state of North Rhine-Westphalia.

References

  1. Accredited Standards Committee X9: ANSI X9.62, public key cryptography for the financial services industry: the elliptic curve digital signature standard (ECDSA). Technical report, American National Standards Institute, American Bankers Association (2005)Google Scholar
  2. ANSSI: Mécanismes cryptographiques - Règles et recommandations concernant le choix et le dimensionnement des mécanismes cryptographiques, Rev. 2.03. Agence nationale de la sécurité des systèmes dinformation (2014). http://www.ssi.gouv.fr/uploads/2015/01/RGS_v-2-0_B1.pdf
  3. Back, A.: Hashcash - a denial of service counter-measure. Technical report (2002). http://www.hashcash.org/papers/hashcash.pdf
  4. Barker, E., Barker, W., Burr, W., Polk, W., Smid, M.: NIST Special Publication 800–57 - Recommendation for Key Management - Part 1: General (Revision 3). National Institute of Standards and Technology (2012). http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf
  5. Ben-Or, M., Goldwasser, S., Widgerson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: STOC 1988: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, pp. 1–10. ACM, New York (1988). ISBN 0-89791-264-0, http://dx.doi.org/10.1145/62212.62213
  6. Bitpay Inc.: Copay: A secure Bitcoin wallet for friends and companies (2014). www.copay.io
  7. Blum, M., Feldman, P., Micali, S.: Proving security against chosen cyphertext attacks. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 256–268. Springer, Heidelberg (1990) CrossRefGoogle Scholar
  8. Certicom Research: SEC 2: recommended elliptic curve domain parameters. Technical report, Certicom Corporation (2000)Google Scholar
  9. Chaum, D., Fiat, A., Naor, M.: Untraceable electronic cash. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, Heidelberg (1990). http://dx.doi.org/10.1007/0-387-34799-2_25 CrossRefGoogle Scholar
  10. Damgård, I.B., Fujisaki, E.: A statistically-hiding integer commitment scheme based on groups with hidden order. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 125–142. Springer, Heidelberg (2002). http://dx.doi.org/10.1007/3-540-36178-2_8 CrossRefGoogle Scholar
  11. Fujisaki, E., Okamoto, T.: Statistical zero knowledge protocols to prove modular polynomial relations. In: Kaliski Jr, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997). http://dx.doi.org/10.1007/BFb0052225 CrossRefGoogle Scholar
  12. von zur Gathen, J., Shparlinski, I.: Generating safe primes. J. Math. Cryptol. 7(4), 333–365 (2013). ISSN 1862–2984 (Online) 1862–2976 (Print)), http://dx.doi.org/10.1515/jmc-2013-5011
  13. Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Robust threshold DSS signatures. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 354–371. Springer, Heidelberg (1996). http://dx.doi.org/10.1007/3-540-68339-9_31 CrossRefGoogle Scholar
  14. Goldfeder, S., Bonneau, J., Felten, E.W., Kroll, J.A., Narayanan, A.: Securing Bitcoin wallets via threshold signatures (2014). http://www.cs.princeton.edu/~stevenag/bitcoin_threshold_signatures.pdf. Preprint
  15. Goldfeder, S., Gennaro, R., Kalodner, H., Bonneau, J., Kroll, J.A., Felten, E.W., Narayanan, A.: Securing Bitcoin wallets via a new DSA/ECDSA threshold signature scheme (2015). http://www.cs.princeton.edu/~stevenag/threshold_sigs.pdf. Preprint
  16. Harn, L.: Group-oriented \((t, n)\) threshold digital signature scheme and digital multisignature. IEE Proc. Comput. Digital Techniques 141(5), 307–313 (1994). http://dx.doi.org/10.1049/ip-cdt:19941293
  17. Hearn, M.: Update on mobile 2-factor wallets (2014). Bitcoin Mailing list at http://sourceforge.net, http://sourceforge.net/p/bitcoin/mailman/message/33017648/
  18. Ibrahim, M.H., Ali, I.A., Ibrahim, I.I., El-sawi, A.H.: A robust threshold elliptic curve digital signature providing a new verifiable secret sharing scheme. In: MWCAS03, vol. 1, pp. 276–280. IEEE Computer Society, Cairo (2003). ISBN 0-7803-8294-3, ISSN 1548-3746, http://dx.doi.org/10.1109/MWSCAS.2003.1562272
  19. Karatsuba, A., Ofman, Y.: Multiplication of multidigit numbers on automata. Sov. Phys. Doklady 7(7), 595–596 (1963). Translated from Doklady Akademii Nauk SSSR, vol. 145, No. 2, pp. 293–294, July 1962Google Scholar
  20. Kim, S.H., Han, D., Lee, D.H.: Predictability of android openSSL’s pseudo random number generator. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 659–668. ACM, New York (2013). ISBN: 978-1-4503-2477-9, http://dx.doi.org/10.1145/2508859.2516706
  21. Langford, S.K.: Threshold DSS signatures without a trusted party. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 397–409. Springer, Heidelberg (1995). http://dx.doi.org/10.1007/3-540-44750-4_32 Google Scholar
  22. Lipovsky, R.: New Hesperbot targets: Germany and Australia (2013). http://www.welivesecurity.com/2013/12/10/new-hesperbot-targets-germany-and-australia/
  23. MacKenzie, P., Reiter, M.K.: Two-party generation of DSA signatures. Int. J. Inf. Secur. 2(3–4), 218–239 (2004). http://dx.doi.org/10.1007/s10207-004-0041-0 CrossRefzbMATHGoogle Scholar
  24. Christopher Mann (2014). A prototypic implementation of a two-factor Bitcoin wallet: Source code. GitHub. https://github.com/ChristopherMann/2FactorWallet
  25. Mann, C.: Two-factor authentication for the Bitcoin protocol. Master thesis, Mathematisch-Naturwissenschaftliche Fakultät der Rheinischen Friedrich-Wilhelms-Universität Bonn (2015). https://github.com/ChristopherMann/2FactorWallet/raw/master/BitcoinTwoFactorAuth.pdf
  26. Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System. Cryptography Mailing list at metzdowd.com, 9 pages (2008). https://bitcoin.org/bitcoin.pdf
  27. NIST: Federal Information Processing Standards Publication 180–4 - Secure Hash Standard. National Institute of Standards and Technology (2012). http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf
  28. NIST: FIPS 186-4: digital signature standard (DSS).Technical report, Information Technology Laboratory, NationalInstitute of Standards and Technology (2013)Google Scholar
  29. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). http://dx.doi.org/10.1007/3-540-48910-X_16 Google Scholar
  30. Sancho, D., Hacquebord, F., Link, R.: Finding holes operation emmental. Technical report, Trend Micro Incorporated (2014). http://housecall.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-finding-holes-operation-emmental.pdf
  31. Schönhage, A., Strassen, V.: Schnelle Multiplikation großer Zahlen. Computing 7, 281–292 (1971)MathSciNetCrossRefzbMATHGoogle Scholar
  32. Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefzbMATHGoogle Scholar
  33. Wang, C.-H., Hwang, T.: (t+1, n) threshold and generalized DSS signatures without a trusted party. In: Proceedings of the 13th Annual Computer Security Applications Conference (ACSAC 1997), pp. 221–226. IEEE (1997). ISBN: 0-8186-8274-4, http://dx.doi.org/10.1109/CSAC.1997.646193
  34. Wiener, M.J.: Safe prime generation with a combined sieve. Cryptology ePrint Archive 2003/186 (2003). http://eprint.iacr.org/2003/186
  35. Wuille, P.: Dealing with malleability. Technical report, Bitcoin Project (2014). https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.B-ITUniversity of BonnBonnGermany

Personalised recommendations