2021 IEEE Symposium on Security and Privacy (SP) 2021
DOI: 10.1109/sp40001.2021.00067
|View full text |Cite
|
Sign up to set email alerts
|

Refresh When You Wake Up: Proactive Threshold Wallets with Offline Devices

Abstract: Proactive security is the notion of defending a distributed system against an attacker who compromises different devices through its lifetime, but no more than a threshold number of them at any given time. The emergence of threshold wallets for more secure cryptocurrency custody warrants an efficient proactivization protocol tailored to this setting. While many proactivization protocols have been devised and studied in the literature, none of them have communication patterns ideal for threshold wallets. In par… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
7
0

Year Published

2022
2022
2023
2023

Publication Types

Select...
5
1
1

Relationship

0
7

Authors

Journals

citations
Cited by 16 publications
(7 citation statements)
references
References 47 publications
0
7
0
Order By: Relevance
“…We model proactive security, similarly to [47], by each party in the system having an epoch tape which maintains an integer epoch initialized to 0 at the start of the execution. The execution proceeds in phases which alternate between an operational phase and a refreshing phase, starting with the operational phase.…”
Section: Modeling Proactive Securitymentioning
confidence: 99%
See 1 more Smart Citation
“…We model proactive security, similarly to [47], by each party in the system having an epoch tape which maintains an integer epoch initialized to 0 at the start of the execution. The execution proceeds in phases which alternate between an operational phase and a refreshing phase, starting with the operational phase.…”
Section: Modeling Proactive Securitymentioning
confidence: 99%
“…The execution proceeds in phases which alternate between an operational phase and a refreshing phase, starting with the operational phase. In contrast to [47], we force every party to have the same value as epoch counter.…”
Section: Modeling Proactive Securitymentioning
confidence: 99%
“…Canetti et al [17] proposed a refresh protocol using Paillier encryption and zero-knowledge proofs, but they provided a description of the refresh protocol for (n, n) threshold ECDSA only and just stated that one can easily obtain a refresh protocol for (t, n) threshold ECDSA schemes with t < n by applying secret sharing techniques. In [26], Kondi et al presented refresh protocols where some of parties are offline. However, the aforementioned works did not consider a recovery protocol.…”
Section: B Related Workmentioning
confidence: 99%
“…They stated that their refresh protocol can be easily extended to (t, n) threshold settings for t ≤ n by applying the secret sharing technique, but the detail was not given. In [26], Kondi et al provided refresh protocols, but their protocols focused on the case where some of parties are offline. They presented the refresh protocol for (2, n) threshold schemes and showed that it is impossible to design refresh protocols for (t, n) if t > 2 where some of n parties are offline.…”
Section: Introductionmentioning
confidence: 99%
“…The flexibility and security advantages of threshold protocols have become of central importance in the research for new cryptographic primitives [9]. Starting from the highly influential work of Gennaro et al [21], several authors proposed both novel schemes [31,30,12] and improvements to existing protocols [32,20,8,29,14,18,15,27].…”
Section: Introductionmentioning
confidence: 99%