Threshold Multi-Signature with an Offline Recovery Party
Key custody is a sensitive aspect of cryptocurrencies.
The employment of a custodian service together with threshold-multi-party signatures helps to manage secret keys more safely and effectively, e.g. allowing the recovery of crypto-assets when users lose their own keys.
Advancing from a protocol by Gennaro et al., we propose a protocol with two main properties.
First, it allows the recovery party to remain offline during the enrollment of any user, solving a real-life problem of maintaining online only one trusted third party.
Second, our multi-party signature is compatible with a deterministic derivation of public and private keys
Accountable authentication with privacy protection: The Larch system for universal login
Credential compromise is hard to detect and hard to mitigate. To address this
problem, we present larch, an accountable authentication framework with strong
security and privacy properties. Larch protects user privacy while ensuring
that the larch log server correctly records every authentication. Specifically,
an attacker who compromises a user's device cannot authenticate without
creating evidence in the log, and the log cannot learn which web service
(relying party) the user is authenticating to. To enable fast adoption, larch
is backwards-compatible with relying parties that support FIDO2, TOTP, and
password-based login. Furthermore, larch does not degrade the security and
privacy a user already expects: the log server cannot authenticate on behalf of
a user, and larch does not allow relying parties to link a user across
accounts. We implement larch for FIDO2, TOTP, and password-based login. Given a
client with four cores and a log server with eight cores, an authentication
with larch takes 150ms for FIDO2, 91ms for TOTP, and 74ms for passwords
(excluding preprocessing, which takes 1.23s for TOTP).
Comment: This is an extended version of a paper appearing at OSDI 202
Evolving Bitcoin Custody
The broad topic of this thesis is the design and analysis of Bitcoin custody
systems. Both the technology and threat landscape are evolving constantly.
Therefore, custody systems, defence strategies, and risk models should be
adaptive too.
We introduce Bitcoin custody by describing the different types, design
principles, phases and functions of custody systems. We review the technology
stack of these systems and focus on the fundamentals: key management and
privacy. We present a perspective we call the systems view. It is an attempt to
capture the full complexity of a custody system, including technology, people,
and processes. We review existing custody systems and standards.
We explore Bitcoin covenants. This is a mechanism to enforce constraints on
transaction sequences. Although previous work has proposed how to construct and
apply Bitcoin covenants, these require modifying the consensus rules of
Bitcoin, a notoriously difficult task. We introduce the first detailed
exposition and security analysis of a deleted-key covenant protocol, which is
compatible with current consensus rules. We demonstrate a range of security
models for deleted-key covenants which seem practical, in particular, when
applied in autonomous (user-controlled) custody systems. We conclude with a
comparative analysis with previous proposals.
Covenants are often proclaimed to be an important primitive for custody
systems, but no complete design has been proposed to validate that claim. To
address this, we propose an autonomous custody system called Ajolote which uses
deleted-key covenants to enforce a vault sequence. We evaluate Ajolote with: a
model of its state dynamics, a privacy analysis, and a risk model. We propose a
threat model for custody systems which captures a realistic attacker for a
system with offline devices and user-verification. We perform ceremony analysis
to construct the risk model.
Comment: PhD thesis