Double-Authentication-Preventing Signatures in the Standard Model
- 234 Downloads
A double-authentication preventing signature (DAPS) scheme is a digital signature scheme equipped with a self-enforcement mechanism. Messages consist of an address and a payload component, and a signer is penalized if she signs two messages with the same addresses but different payloads. The penalty is the disclosure of the signer’s signing key. Most of the existing DAPS schemes are proved secure in the random oracle model (ROM), while the efficient ones in the standard model only support address spaces of polynomial size.
We present DAPS schemes that are efficient, secure in the standard model under standard assumptions and support large address spaces. Our main construction builds on vector commitments (VC) and double-trapdoor chameleon hash functions (DCH). We also provide a DAPS realization from Groth-Sahai (GS) proofs that builds on a generic construction by Derler et al., which they instantiate in the ROM. The GS-based construction, while less efficient than our main one, shows that a general yet efficient instantiation of DAPS in the standard model is possible.
An interesting feature of our main construction is that it can be easily modified to guarantee security even in the most challenging setting where no trusted setup is provided. It seems to be the first construction achieving this in the standard model.
KeywordsDouble-spending Digital signature Cryptocurrencies Certificate subversion
The first author is supported by the Programma ricerca di ateneo UNICT 2020-22 linea 2. The second author is supported by the Vienna Science and Technology Fund (WWTF) through project VRG18-002. The third author is supported by the European Union’s Horizon 2020 Project FENTEC (Grant Agreement no. 780108).
- 11.Derler, D., Ramacher, S., Slamanig, D.: Generic double-authentication preventing signatures and a post-quantum instantiation. In: Baek, J., Susilo, W., Kim, J. (eds.) ProvSec 2018. LNCS, vol. 11192, pp. 258–276. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01446-9_15CrossRefGoogle Scholar
- 12.Derler, D., Ramacher, S., Slamanig, D.: Short double- and n-times-authentication-preventing signatures from ECDSA and more. In: 2018 IEEE European Symposium on Security and Privacy (EuroS&P 2018), London, United Kingdom, 24–26 April 2018, pp. 273–287 (2018)Google Scholar
- 15.Krawczyk, H., Rabin, T.: Chameleon signatures. In: NDSS 2000. The Internet Society, February 2000Google Scholar
- 17.Naor, M., Reingold, O.: Number-theoretic constructions of efficient pseudo-random functions. In: 38th FOCS, pp. 458–467. IEEE Computer Society Press, October 1997. https://doi.org/10.1109/SFCS.1997.646134
- 20.Ruffing, T., Kate, A., Schröder, D.: Liar, liar, coins on fire! Penalizing equivocation by loss of bitcoins. In: Ray, I., Li, N., Kruegel, C. (eds.) ACM CCS 2015. pp. 219–230. ACM Press, October 2015. https://doi.org/10.1145/2810103.2813686