Scalable and Adaptively Secure Any-Trust Distributed Key Generation and All-hands Checkpointing

Hanwen Feng, Tiancheng Mai, Qiang Tang
IACR Cryptol. ePrint Arch., pages 1773. Publication date: 2023-11-16. DOI: 10.48550/arXiv.2311.09592 (https://doi.org/10.48550/arXiv.2311.09592)

Abstract

The classical distributed key generation protocols (DKG) are resurging due to their widespread applications in blockchain. While efforts have been made to improve DKG communication, practical large-scale deployments are yet to come, due to various challenges including broadcast channel scalability and the worst-case complaint phase. In this paper, we propose a practical DKG for DL-based cryptosystems, with only (quasi-)linear computation/communication cost per participant, with the help of a public ledger and a beacon. Notably, our DKG only incurs constant-size blockchain storage cost for broadcast, even in the face of worst-case complaints. Moreover, our protocol satisfies adaptive security. The key to our improvements lies in delegating the most costly operations to an Any-Trust group. This group is randomly sampled and consists of a small number of individuals. The population only trusts that at least one member in the group is honest, without knowing which one. Additionally, we introduce an extended broadcast channel based on a blockchain and a data dispersal network (such as IPFS), enabling reliable broadcasting of arbitrary-size messages at the cost of constant-size blockchain storage, which may be of independent interest. Our DKG leads to a fully practical instantiation of Filecoin's checkpointing mechanism, in which all validators of a Proof-of-Stake (PoS) blockchain periodically run DKG and threshold signing to create checkpoints on Bitcoin, thereby enhancing the security of the PoS chain. In comparison with another checkpointing approach, that of Babylon (Oakland, 2023), ours enjoys a significantly smaller monetary cost in Bitcoin transaction fees. For a PoS chain with $2^{12}$ validators, our cost is merely 0.6\% of that incurred by Babylon's approach.