Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - Decentralized Threshold Signatures With Dynamically Private Accountability
AU - Li, Meng
AU - Ding, Hanni
AU - Wang, Qing
AU - Zhang, Mingwei
AU - Meng, Weizhi
AU - Zhu, Liehuang
AU - Zhang, Zijian
AU - Lin, Xiaodong
PY - 2024/12/31
Y1 - 2024/12/31
N2 - Threshold signature is a fundamental cryptographic primitive used in many practical applications. As proposed by Boneh and Komlo (CRYPTO’22), TAPS is a threshold signature that is a hybrid of privacy and accountability. It enables a combiner to combine t signature shares while revealing nothing about the threshold t or signing quorum to the public and asks a tracer to track a signature to the quorum that generates it. However, TAPS has three disadvantages: it 1) structures upon a centralized model, 2) assumes that both combiner and tracer are honest, and 3) leaves the tracing unnotarized and static. In this work, we introduce Decentralized, Threshold, dynamically Accountable and Private Signature (DeTAPS) that provides decentralized combining and tracing, enhanced privacy against untrusted combiners (tracers), and notarized and dynamic tracing. Specifically, we adopt Dynamic Threshold Public-Key Encryption (DTPKE) to dynamically notarize the tracing process, design non-interactive zero knowledge proofs to achieve public verifiability of notaries, and utilize the Key-Aggregate Searchable Encryption to bridge TAPS and DTPKE so as to awaken the notaries securely and efficiently. In addition, we formalize the definitions and security requirements for DeTAPS. Then we present a concrete construction and formally prove its security and privacy. To evaluate the performance, we build a prototype based on SGX2 and Ethereum.
AB - Threshold signature is a fundamental cryptographic primitive used in many practical applications. As proposed by Boneh and Komlo (CRYPTO’22), TAPS is a threshold signature that is a hybrid of privacy and accountability. It enables a combiner to combine t signature shares while revealing nothing about the threshold t or signing quorum to the public and asks a tracer to track a signature to the quorum that generates it. However, TAPS has three disadvantages: it 1) structures upon a centralized model, 2) assumes that both combiner and tracer are honest, and 3) leaves the tracing unnotarized and static. In this work, we introduce Decentralized, Threshold, dynamically Accountable and Private Signature (DeTAPS) that provides decentralized combining and tracing, enhanced privacy against untrusted combiners (tracers), and notarized and dynamic tracing. Specifically, we adopt Dynamic Threshold Public-Key Encryption (DTPKE) to dynamically notarize the tracing process, design non-interactive zero knowledge proofs to achieve public verifiability of notaries, and utilize the Key-Aggregate Searchable Encryption to bridge TAPS and DTPKE so as to awaken the notaries securely and efficiently. In addition, we formalize the definitions and security requirements for DeTAPS. Then we present a concrete construction and formally prove its security and privacy. To evaluate the performance, we build a prototype based on SGX2 and Ethereum.
U2 - 10.1109/TIFS.2023.3347968
DO - 10.1109/TIFS.2023.3347968
M3 - Journal article
VL - 19
SP - 2217
EP - 2230
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
ER -