DOI: 10.1145/3576915.3623148
Research article

Post Quantum Fuzzy Stealth Signatures and Applications

Published: 21 November 2023
    Abstract

    Private payments in blockchain-based cryptocurrencies have been a topic of research, both academic and industrial, ever since the advent of Bitcoin. Stealth address payments were proposed as a solution to improve payment privacy for users and are, in fact, deployed in several major cryptocurrencies today. The mechanism lets users receive payments so that none of these payments are linkable to each other or to the recipient. Currently known stealth address mechanisms either (1) are insecure in certain reasonable adversarial models, (2) are inefficient in practice, or (3) are incompatible with many existing currencies.
    In this work, we formalize the underlying cryptographic abstraction of this mechanism, namely stealth signatures, with formal game-based definitions. We show a surprising application of our notions to passwordless authentication as defined in the Fast IDentity Online (FIDO) standard. We then present SPIRIT, the first efficient post-quantum secure stealth signature construction based on the NIST-standardized signature and key-encapsulation schemes, Dilithium and Kyber. The basic form of SPIRIT is only secure in a weak security model, but we provide an efficiency-preserving and generic transform, which boosts the security of SPIRIT to guarantee the strongest security notion defined in this work. Compared to the state of the art, there is an approximately 3.37x improvement in the signature size while keeping signing and verification as efficient as 0.2 ms.
    We extend SPIRIT with a fuzzy tracking functionality where recipients can outsource the tracking of incoming transactions to a tracking server, satisfying an anonymity notion similar to that of fuzzy message detection (FMD), recently introduced in [CCS 2021]. We also extend SPIRIT with a new fuzzy tracking framework called scalable fuzzy tracking that we introduce in this work. This new framework can be considered a dual of FMD, in that it reduces the tracking server's computational workload to sublinear in the number of users, as opposed to linear in FMD. Experimental results show that, for millions of users, the server needs only 3.4 ms to filter each incoming message, which is a significant improvement upon the state of the art.

    References

    [1]
    Shweta Agrawal, Dan Boneh, and Xavier Boyen. 2010. Efficient Lattice (H)IBE in the Standard Model. In Advances in Cryptology - EUROCRYPT 2010 (Lecture Notes in Computer Science, Vol. 6110), Henri Gilbert (Ed.). Springer, Heidelberg, Germany, French Riviera, 553--572. https://doi.org/10.1007/978-3-642-13190-5_28
    [2]
    Nabil Alkeilani Alkadri, Poulami Das, Andreas Erwig, Sebastian Faust, Juliane Krämer, Siavash Riahi, and Patrick Struck. 2020. Deterministic Wallets in a Quantum World. In ACM CCS 2020: 27th Conference on Computer and Communications Security, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM Press, Virtual Event, USA, 1017--1031. https://doi.org/10.1145/3372297.3423361
    [3]
    FIDO Alliance. 2022. White Paper: Multi-Device FIDO credentials. https://fidoalliance.org/white-paper-multi-device-fido-credentials/
    [4]
    Lukas Aumayr, Pedro Moreno-Sanchez, Aniket Kate, and Matteo Maffei. 2021. Blitz: Secure Multi-Hop Payments Without Two-Phase Commits. In USENIX Security 2021: 30th USENIX Security Symposium, Michael Bailey and Rachel Greenstadt (Eds.). USENIX Association, 4043--4060.
    [5]
    Manuel Barbosa, Alexandra Boldyreva, Shan Chen, and Bogdan Warinschi. 2021. Provable Security Analysis of FIDO2. In Advances in Cryptology - CRYPTO 2021, Part III (Lecture Notes in Computer Science, Vol. 12827), Tal Malkin and Chris Peikert (Eds.). Springer, Heidelberg, Germany, Virtual Event, 125--156. https://doi.org/10.1007/978-3-030-84252-9_5
    [6]
    Gabrielle Beck, Julia Len, Ian Miers, and Matthew Green. 2021. Fuzzy Message Detection. In ACM CCS 2021: 28th Conference on Computer and Communications Security, Giovanni Vigna and Elaine Shi (Eds.). ACM Press, Virtual Event, Republic of Korea, 1507--1528. https://doi.org/10.1145/3460120.3484545
    [7]
    The Giving Block. 2023. Cryptocurrency Solutions For Institutional Philanthropy. https://thegivingblock.com
    [8]
    Dan Boneh and Matthew K. Franklin. 2001. Identity-Based Encryption from the Weil Pairing. In Advances in Cryptology - CRYPTO 2001 (Lecture Notes in Computer Science, Vol. 2139), Joe Kilian (Ed.). Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 213--229. https://doi.org/10.1007/3-540-44647-8_13
    [9]
    Zvika Brakerski, Nico Döttling, Sanjam Garg, and Giulio Malavolta. 2019. Leveraging Linear Decryption: Rate-1 Fully-Homomorphic Encryption and Time-Lock Puzzles. In TCC 2019: 17th Theory of Cryptography Conference, Part II (Lecture Notes in Computer Science, Vol. 11892), Dennis Hofheinz and Alon Rosen (Eds.). Springer, Heidelberg, Germany, Nuremberg, Germany, 407--437. https://doi.org/10.1007/978-3-030-36033-7_16
    [10]
    Zvika Brakerski, Craig Gentry, and Vinod Vaikuntanathan. 2012. (Leveled) fully homomorphic encryption without bootstrapping. In ITCS 2012: 3rd Innovations in Theoretical Computer Science, Shafi Goldwasser (Ed.). Association for Computing Machinery, Cambridge, MA, USA, 309--325. https://doi.org/10.1145/2090236.2090262
    [11]
    CBC. 2023. Digital currency donations for Freedom Convoy evading seizure by authorities. https://www.cbc.ca/news/canada/ottawa/freedom-convoy-cryptocurrency-asset-seizure-1.6389601
    [12]
    Coinbase. 2023. How to Donate Crypto. https://www.coinbase.com/learn/crypto-basics/how-to-donate-crypto
    [13]
    Nicolas T. Courtois and Rebekah Mercer. 2017. Stealth Address and Key Management Techniques in Blockchain Systems. In ICISSP 2017, 559--566.
    [14]
    Nico Döttling and Sanjam Garg. 2017. Identity-Based Encryption from the Diffie-Hellman Assumption. In Advances in Cryptology - CRYPTO 2017, Part I (Lecture Notes in Computer Science, Vol. 10401), Jonathan Katz and Hovav Shacham (Eds.). Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 537--569. https://doi.org/10.1007/978-3-319-63688-7_18
    [15]
    Muhammed F. Esgin, Ron Steinfeld, and Raymond K. Zhao. 2022. MatRiCT+: More Efficient Post-Quantum Private Blockchain Payments. In 2022 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, San Francisco, CA, USA, 1281--1298. https://doi.org/10.1109/SP46214.2022.9833655
    [16]
    Muhammed F. Esgin, Raymond K. Zhao, Ron Steinfeld, Joseph K. Liu, and Dongxi Liu. 2019. MatRiCT: Efficient, Scalable and Post-Quantum Blockchain Confidential Transactions Protocol. In ACM CCS 2019: 26th Conference on Computer and Communications Security, Lorenzo Cavallaro, Johannes Kinder, XiaoFeng Wang, and Jonathan Katz (Eds.). ACM Press, London, UK, 567--584. https://doi.org/10.1145/3319535.3354200
    [17]
    Bitcointalk Forum. 2011. Untraceable transactions which can contain a secure message are inevitable. https://bitcointalk.org/index.php?topic=5965.0
    [18]
    ForumPay. 2023. Cryptocurrency and Online Gaming. https://forumpay.com/gaming
    [19]
    Nick Frymann, Daniel Gardham, Franziskus Kiefer, Emil Lundberg, Mark Manulis, and Dain Nilsson. 2020. Asynchronous Remote Key Generation: An Analysis of Yubico's Proposal for W3C WebAuthn. In ACM CCS 2020: 27th Conference on Computer and Communications Security, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM Press, Virtual Event, USA, 939--954. https://doi.org/10.1145/3372297.3417292
    [20]
    Gitcoin. 2023. Umbra: Privacy Preserving Stealth Payments. https://gitcoin.co/grants/821/umbra-privacy-preserving-stealth-payments
    [21]
    Paul Grubbs, Varun Maram, and Kenneth G. Paterson. 2022. Anonymous, Robust Post-quantum Public Key Encryption. In Advances in Cryptology - EUROCRYPT 2022, Part III (Lecture Notes in Computer Science, Vol. 13277), Orr Dunkelman and Stefan Dziembowski (Eds.). Springer, Heidelberg, Germany, Trondheim, Norway, 402--432. https://doi.org/10.1007/978-3-031-07082-2_15
    [22]
    Lucjan Hanzlik, Julian Loss, and Benedikt Wagner. 2022. Token meets Wallet: Formalizing Privacy and Revocation for FIDO2. Cryptology ePrint Archive, Report 2022/084. https://eprint.iacr.org/2022/084.
    [23]
    Eike Kiltz, Vadim Lyubashevsky, and Christian Schaffner. 2018. A Concrete Treatment of Fiat-Shamir Signatures in the Quantum Random-Oracle Model. In Advances in Cryptology - EUROCRYPT 2018, Part III (Lecture Notes in Computer Science, Vol. 10822), Jesper Buus Nielsen and Vincent Rijmen (Eds.). Springer, Heidelberg, Germany, Tel Aviv, Israel, 552--586. https://doi.org/10.1007/978-3-319-78372-7_18
    [24]
    Russell W. F. Lai, Viktoria Ronge, Tim Ruffing, Dominique Schröder, Sri Aravinda Krishnan Thyagarajan, and Jiafan Wang. 2019. Omniring: Scaling Private Payments Without Trusted Setup. In ACM CCS 2019: 26th Conference on Computer and Communications Security, Lorenzo Cavallaro, Johannes Kinder, XiaoFeng Wang, and Jonathan Katz (Eds.). ACM Press, London, UK, 31--48. https://doi.org/10.1145/3319535.3345655
    [25]
    Wenling Liu, Zhen Liu, Khoa Nguyen, Guomin Yang, and Yu Yu. 2020. A Lattice-Based Key-Insulated and Privacy-Preserving Signature Scheme with Publicly Derived Public Key. In ESORICS 2020: 25th European Symposium on Research in Computer Security, Part II (Lecture Notes in Computer Science, Vol. 12309), Liqun Chen, Ninghui Li, Kaitai Liang, and Steve A. Schneider (Eds.). Springer, Heidelberg, Germany, Guildford, UK, 357--377. https://doi.org/10.1007/978-3-030-59013-0_18
    [26]
    Zeyu Liu and Eran Tromer. 2021. Oblivious Message Retrieval. Cryptology ePrint Archive, Report 2021/1256. https://eprint.iacr.org/2021/1256.
    [27]
    Zhen Liu, Guomin Yang, Duncan S. Wong, Khoa Nguyen, and Huaxiong Wang. 2019. Key-Insulated and Privacy-Preserving Signature Scheme with Publicly Derived Public Key. In 2019 IEEE European Symposium on Security and Privacy (EuroS&P), 215--230. https://doi.org/10.1109/EuroSP.2019.00025
    [28]
    Vadim Lyubashevsky. 2009. Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures. In Advances in Cryptology - ASIACRYPT 2009 (Lecture Notes in Computer Science, Vol. 5912), Mitsuru Matsui (Ed.). Springer, Heidelberg, Germany, Tokyo, Japan, 598--616. https://doi.org/10.1007/978-3-642-10366-7_35
    [29]
    Vadim Lyubashevsky. 2012. Lattice Signatures without Trapdoors. In Advances in Cryptology - EUROCRYPT 2012 (Lecture Notes in Computer Science, Vol. 7237), David Pointcheval and Thomas Johansson (Eds.). Springer, Heidelberg, Germany, Cambridge, UK, 738--755. https://doi.org/10.1007/978-3-642-29011-4_43
    [30]
    Vadim Lyubashevsky, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Peter Schwabe, Gregor Seiler, Damien Stehlé, and Shi Bai. 2020. CRYSTALS-DILITHIUM. Technical Report. National Institute of Standards and Technology. available at https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/round-3-submissions.
    [31]
    Varun Madathil, Alessandra Scafuro, István András Seres, Omer Shlomovits, and Denis Varlakov. 2021. Private Signaling. Cryptology ePrint Archive, Report 2021/853. https://eprint.iacr.org/2021/853.
    [32]
    Ralph C. Merkle. 1990. A Certified Digital Signature. In Advances in Cryptology - CRYPTO'89 (Lecture Notes in Computer Science, Vol. 435), Gilles Brassard (Ed.). Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 218--238. https://doi.org/10.1007/0-387-34805-0_21
    [33]
    Malte Möser, Kyle Soska, Ethan Heilman, Kevin Lee, Henry Heffan, Shashvat Srivastava, Kyle Hogan, Jason Hennessey, Andrew Miller, Arvind Narayanan, et al. 2017. An empirical analysis of traceability in the Monero blockchain.
    [34]
    Shen Noether, Adam Mackenzie, and the Monero Research Lab. 2016. Ring Confidential Transactions. Ledger, Vol. 1 (Dec. 2016), 1--18. https://doi.org/10.5195/ledger.2016.34
    [35]
    Micha Ober, Stefan Katzenbeisser, and Kay Hamacher. 2013. Structure and anonymity of the bitcoin transaction graph. Future Internet, Vol. 5, 2 (2013), 237--250.
    [36]
    Periklis A. Papakonstantinou, Charles W. Rackoff, and Yevgeniy Vahlis. 2012. How powerful are the DDH hard groups? Cryptology ePrint Archive, Report 2012/653. https://eprint.iacr.org/2012/653.
    [37]
    Thomas Prest, Pierre-Alain Fouque, Jeffrey Hoffstein, Paul Kirchner, Vadim Lyubashevsky, Thomas Pornin, Thomas Ricosset, Gregor Seiler, William Whyte, and Zhenfei Zhang. 2022. FALCON. Technical Report. National Institute of Standards and Technology. available at https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022.
    [38]
    Sihang Pu. 2023. https://github.com/sihangpu/SPIRIT.
    [39]
    Sihang Pu, Sri AravindaKrishnan Thyagarajan, Nico Döttling, and Lucjan Hanzlik. 2023. Post Quantum Fuzzy Stealth Signatures and Applications. Cryptology ePrint Archive, Paper 2023/1148. https://eprint.iacr.org/2023/1148 https://eprint.iacr.org/2023/1149.
    [40]
    Oded Regev. 2005. On lattices, learning with errors, random linear codes, and cryptography. In 37th Annual ACM Symposium on Theory of Computing, Harold N. Gabow and Ronald Fagin (Eds.). ACM Press, Baltimore, MA, USA, 84--93. https://doi.org/10.1145/1060590.1060603
    [41]
    Fergal Reid and Martin Harrigan. 2013. An analysis of anonymity in the bitcoin system. 197--223.
    [42]
    Dorit Ron and Adi Shamir. 2013. Quantitative analysis of the full bitcoin transaction graph. 6--24.
    [43]
    Marc Santamaria Ortega. 2013. The Bitcoin transaction graph anonymity.
    [44]
    Gili Schul-Ganz and Gil Segev. 2021. Generic-Group Identity-Based Encryption: A Tight Impossibility Result. Cryptology ePrint Archive, Report 2021/745. https://eprint.iacr.org/2021/745.
    [45]
    Peter Schwabe, Roberto Avanzi, Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Gregor Seiler, and Damien Stehlé. 2020. CRYSTALS-KYBER. Technical Report. National Institute of Standards and Technology. available at https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/round-3-submissions.
    [46]
    Peter Schwabe, Roberto Avanzi, Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Gregor Seiler, Damien Stehlé, and Jintai Ding. 2022. CRYSTALS-KYBER. Technical Report. National Institute of Standards and Technology. available at https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022.
    [47]
    István András Seres, Balázs Pejó, and Péter Burcsi. 2021. The Effect of False Positives: Why Fuzzy Message Detection Leads to Fuzzy Privacy Guarantees? Cryptology ePrint Archive, Report 2021/1180. https://eprint.iacr.org/2021/1180.
    [48]
    ShipHero. 2023. Cryptocurrency and e-commerce. https://shiphero.com/blog/cryptocurrency-e-commerce/
    [49]
    Save the Children. 2023. Why Donate Bitcoin, Ethereum, NFTs and other Cryptocurrencies to Charity. https://www.savethechildren.org/us/ways-to-help/ways-to-give/ways-to-help/cryptocurrency-donation
    [50]
    Peter Todd. 2014. Stealth Addresses, 2014. http://www.mailarchive.com/[email protected]/msg03613.html
    [51]
    Nicolas van Saberhagen. 2013. CryptoNote v 2.0. https://cryptonote.org/whitepaper.pdf
    [52]
    Takashi Yamakawa and Mark Zhandry. 2021. Classical vs Quantum Random Oracles. In Advances in Cryptology - EUROCRYPT 2021, Part II (Lecture Notes in Computer Science, Vol. 12697), Anne Canteaut and François-Xavier Standaert (Eds.). Springer, Heidelberg, Germany, Zagreb, Croatia, 568--597. https://doi.org/10.1007/978-3-030-77886-6_20
    [53]
    Raymond K. Zhao, Sarah McCarthy, Ron Steinfeld, Amin Sakzad, and Máire O'Neill. 2021. Quantum-safe HIBE: does it cost a Latte? Cryptology ePrint Archive, Report 2021/222. https://eprint.iacr.org/2021/222.

      Published In

      CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security
      November 2023
      3722 pages
      ISBN:9798400700507
      DOI:10.1145/3576915
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Author Tags

      1. lattices
      2. post-quantum security
      3. signatures

      Qualifiers

      • Research-article

      Funding Sources

      • ERC

      Conference

      CCS '23

      Acceptance Rates

      Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
