Sassafras and Semi-Anonymous Single Leader Election

A single-leader election (SLE) is a way to elect one leader randomly among the parties in a distributed system. If the leader is secret (i.e., unpredictable) then it is called a secret single leader election (SSLE). In this paper, we model the security of SLE in the universally composable (UC) model. Our model is adaptable to various unpredictability levels for leaders that an SLE aims to provide. We construct an SLE protocol that we call semi-anonymous single leader election (SASLE). We show that SASLE is secure against adaptive adversaries in the UC model. SASLE provides a good amount of unpredictability level to most of the honest leaders while it does not provide unpredictability to the rest of them. In this way, we obtain better communication overhead by comparing the existing SSLE protocols. In the end, we construct a PoS-protocol (Sassafras) which deploys SASLE to elect the block producers. Sassafras benefits from the efficiency of SASLE and gains significant security both to grinding attacks and the private attack as shown by Azouvi and Cappelletti (ACM AFT 2021) because it elects a single block producer

Ring Verifiable Random Functions and Zero-Knowledge Continuations

We introduce a new cryptographic primitive, named ring verifiable random function (ring VRF). Ring VRF combines properties of VRF and ring signatures, offering verifiable unique, pseudorandom outputs while ensuring anonymity of the output and message authentication. We design its security in the universal composability (UC) framework and construct two protocols secure in our model. We also formalize a new notion of zero-knowledge (ZK) continuations allowing for the reusability of proofs by randomizing and enhancing the efficiency of one of our ring VRF schemes. We instantiate this notion with our protocol SpecialG which allows a prover to reprove a statement in a constant time and be unlikable to the previous proof(s)

Ouroboros Clepsydra: Ouroboros Praos in the Universally Composable Relative Time Model

Ouroboros Praos is a proof of stake based blockchain protocol. One of its security assumptions is parties are synchronized i.e., all of them knows when the protocol passes a new state. However, it is not easy to have such a protocol in real life, especially in a decentralized network. Therefore, we construct a new version of Ouroboros Praos by composing a new protocol called Relative Time protocol. We call the new version Ouroboros Clepsydra. At the end of the relative time protocol, a party learns the approximate state of the protocol based on the median of arrival times of messages sent by the other parties and adjusts its local clock based on it. The relative time protocol does not add any new computation to the other parties. They even do not realize that they are part of the relative time protocol. In order to prove Ouroboros Clepsydrain the Universally Composable (UC) model, we define a general UC model to capture the notion of relative time. We remove the synchronization assumption in Ouroboros Clepsydra and show that Ouroboros Clepsydra is a secure proof of stake blockchain protocol in the UC model