The Multi-User Constrained Pseudorandom Function Security of Generalized GGM Trees for MPC and Hierarchical Wallets

IF 3 4区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS ACM Transactions on Privacy and Security Pub Date : 2023-06-26 DOI:https://dl.acm.org/doi/10.1145/3592608

Chun Guo, Xiao Wang, Xiang Xie, Yu Yu

{"title":"The Multi-User Constrained Pseudorandom Function Security of Generalized GGM Trees for MPC and Hierarchical Wallets","authors":"Chun Guo, Xiao Wang, Xiang Xie, Yu Yu","doi":"https://dl.acm.org/doi/10.1145/3592608","DOIUrl":null,"url":null,"abstract":"Multi-user (mu) security considers large-scale attackers that, given access to a number of cryptosystem instances, attempt to compromise at least one of them. We initiate the study of mu security of the so-called GGM tree that stems from the pseudorandom generator to pseudorandom function transformation of Goldreich, Goldwasser, and Micali, with a goal to provide references for its recently popularized use in applied cryptography. We propose a generalized model for GGM trees and analyze its mu prefix-constrained pseudorandom function security in the random oracle model. Our model allows to derive concrete bounds and improvements for various protocols, and we showcase on the Bitcoin-Improvement-Proposal standard <sans-serif>Bip32</sans-serif> hierarchical wallets and function secret sharing protocols. In both scenarios, we propose improvements with better performance and concrete security bounds at the same time. Compared with the state-of-the-art designs, our <sans-serif>SHACAL3</sans-serif>- and Keccak-p-based <sans-serif>Bip32</sans-serif> variants reduce the communication cost of MPC-based implementations by 73.3% to 93.8%, whereas our <sans-serif>AES</sans-serif>-based function secret sharing substantially improves mu security while reducing computations by 50%.","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":null,"pages":null},"PeriodicalIF":3.0000,"publicationDate":"2023-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Privacy and Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/https://dl.acm.org/doi/10.1145/3592608","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Multi-user (mu) security considers large-scale attackers that, given access to a number of cryptosystem instances, attempt to compromise at least one of them. We initiate the study of mu security of the so-called GGM tree that stems from the pseudorandom generator to pseudorandom function transformation of Goldreich, Goldwasser, and Micali, with a goal to provide references for its recently popularized use in applied cryptography. We propose a generalized model for GGM trees and analyze its mu prefix-constrained pseudorandom function security in the random oracle model. Our model allows to derive concrete bounds and improvements for various protocols, and we showcase on the Bitcoin-Improvement-Proposal standard Bip32 hierarchical wallets and function secret sharing protocols. In both scenarios, we propose improvements with better performance and concrete security bounds at the same time. Compared with the state-of-the-art designs, our SHACAL3- and Keccak-p-based Bip32 variants reduce the communication cost of MPC-based implementations by 73.3% to 93.8%, whereas our AES-based function secret sharing substantially improves mu security while reducing computations by 50%.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

广义GGM树的多用户约束伪随机函数安全性研究

多用户(mu)安全性考虑的是大规模攻击者，在给定对多个密码系统实例的访问权限后，试图破坏其中至少一个。本文对Goldreich、Goldwasser、Micali等人的伪随机生成器到伪随机函数变换的所谓GGM树的mu安全性进行了初步研究，旨在为其在应用密码学中的普及应用提供参考。提出了一种广义的GGM树模型，并在随机oracle模型中分析了其mu前缀约束伪随机函数的安全性。我们的模型允许推导出各种协议的具体界限和改进，我们展示了比特币改进建议标准Bip32分层钱包和功能秘密共享协议。在这两种情况下，我们同时提出了性能更好和具体安全边界的改进。与最先进的设计相比，我们基于shaal3和keccak -p的Bip32变体将基于mpc的实现的通信成本降低了73.3%至93.8%，而我们基于aes的功能秘密共享大大提高了mu安全性，同时减少了50%的计算量。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

ACM Transactions on Privacy and Security Computer Science-General Computer Science

CiteScore

5.20

自引率

0.00%

发文量

期刊介绍： ACM Transactions on Privacy and Security (TOPS) (formerly known as TISSEC) publishes high-quality research results in the fields of information and system security and privacy. Studies addressing all aspects of these fields are welcomed, ranging from technologies, to systems and applications, to the crafting of policies.