Issue #72
Paper of the Week:
Paper Title: MuSig-DN: Schnorr Multi-Signatures with Verifiably Deterministic Nonces.
TLDR:
MuSig is a multi-signature scheme for Schnorr signatures, which supports key aggregation and is secure in the plain public key model.
Standard derandomization techniques for discrete logarithm-based signatures such as RFC 6979, which make the signing procedure immune to catastrophic failures in the randomness generation, are not applicable to multi-signatures as an attacker could trick an honest user into producing two different partial signatures with the same randomness, which would reveal the user’s secret key.
This paper proposes a variant of MuSig in which signers generate their nonce deterministically as a pseudorandom function of the message and all signers’ public keys and prove that they did so by providing a non-interactive zero-knowledge proof to their cosigners.
The resulting scheme is the first Schnorr multi-signature scheme with deterministic signing. Therefore its signing protocol is robust against failures in the randomness generation as well as attacks trying to exploit the statefulness of the signing procedure, e.g., virtual machine rewinding attacks.
As an additional benefit, a signing session requires only two rounds instead of three as required by all previous Schnorr multi-signatures including MuSig.
To instantiate our construction a suitable algebraic pseudorandom function is identified and an efficient implementation of this function as an arithmetic circuit is provided.
The paper demonstrates the practicality of the proposed technique by implementing it for the secp256k1 elliptic curve used in Bitcoin.
Authors: Jonas Nick*, Tim Ruffing*, Yannick Seurin†, and Pieter Wuille*,
Affiliations: * Blockstream and † ANSSI.
Security:
1. Paper Title: Moderated Redactable Blockchains: A Definitional Framework with an Efficient Construct.
Summary: Four novel attacks are presented against existing redactable blockchains: two attacks against moderated constructs, and two against the unmoderated ones.
Authors: Mohammad Sadeq Dousti* and Alptekin Küpçü†,
Affiliations: * Johannes Gutenberg University of Mainz and † Koç University.
2. Paper Title: Attacking Threshold Wallets.
Summary: Three different attacks on threshold signature schemes (TSS) implementations used by leading organizations.
Authors: JP Aumasson* and Omer Shlomovits†,
Affiliations: *Taurus Group and † ZenGo X.
3. Paper Title: FileBounty: Fair Data Exchange.
Summary: A fair protocol which, assuming the cryptographic hash of the file of interest is known to the buyer, is trust-free and lets a buyer purchase data for a previously agreed monetary amount, while guaranteeing the integrity of the contents.
Authors: Simon Janin*, Kaihua Qin†, Akaki Mamageishvili‡ and Arthur Gervais†,
Affiliations: * X80 Security, † Imperial College London, and ‡ ETH Zurich.
4. Paper Title: Share Withholding Attack in Blockchain Mining: Technical Report.
Summary: This work advances the withholding-based attacks and introduces the share-withholding (SWH) attack.
Authors: Sang-Yoon Chang*,
Affiliations: * University of Colorado.
Privacy:
1. Paper Title: Applying Private Information Retrieval to Lightweight Bitcoin Clients.
Summary: Design of an SPV protocol that leverages Private Information Retrieval (PIR) to create fully private and performant queries.
Authors: Kaihua Qin*, Henryk Hadass*, Arthur Gervais*, and Joel Reardon†,
Affiliations: * Imperial College London and † University of Calgary.
Scalability:
No papers.
Proofs:
No papers.
Consensus:
1. Paper Title: Consensus Redux: Distributed Ledgers in the Face of Adversarial Supremacy.
Summary: The first thorough treatment of self-healing properties of distributed ledgers covering both proof-of-work (PoW) and proof-of-stake (PoS) protocols.
Authors: Christian Badertscher*, Peter Gazi*, Aggelos Kiayias*†, Alexander Russell*‡, and Vassilis Zikas*†,
Affiliations: * IOHK, † University of Edinburgh, and ‡ University of Connecticut.
2. Paper Title: RANDCHAIN: Decentralised Randomness Beacon from Sequential Proof-of-Work.
Summary: A new family of Decentralised Randomness Beacon (DRB) protocols that are simple, secure and scalable.
Authors: Runchao Han*†, Jiangshan Yu*, and Haoyu Lin‡§,
Affiliations: * Monash University, † CSIRO-Data61, ‡ Bytom Foundation, and § ZenGo X.
Tokenomics:
1. Paper Title: Reasons to Be Cheerful: The Benevolent Market Power of Decentralised Blockchains.
Summary: Decentralised permissionless blockchains offer the prospect of radical pro-competitive and inclusive efficiencies, and hence might contribute to a procompetitive industrial policy.
Authors: Chris Pike* and Gabriele Carovano*,
Affiliations: * OECD.
2. Paper Title: Law and Regulation for a Crypto-Market: Perpetuation or Innovation?
Summary: This paper looks at the importance of the law in a crypto-market and recognises that the market is a legal construct and so is the crypto-market.
Authors: Joseph Lee*,
Affiliations: * University of Exeter.
3. Paper Title: The Too-Big-To-Fail Problem and the Blockchain Solution.
Summary: The paper seeks to ascertain whether and to what extent blockchain technology may contribute to solving the politically and socially intractable problems of effectively resolving distressed TBTF financial institutions.
Authors: Michael Schillig*,
Affiliations: * King's College London.
Conferences, Journals, & CFPs:
September 17-18 - Cryptocurrencies and Blockchain Technology (CBT’2020) (United Kingdom)
October 21-23 - The second ACM conference on Advances in Financial Technologies (AFT’20) (New York City)
Conferences’ Videos:
Jobs:
RFPs:
This newsletter is for informational purposes only. This content does not in any way constitute an offer or solicitation of an offer to buy or sell any investment solution or recommendation to buy or sell a security; nor it is to be taken as legal, business, investment, or tax advice. In fact, none of the information in this or other content on zk Capital should be relied on in any manner as advice. None of the authors, contributors, or anyone else connected with zk Capital, in any way whatsoever, can be responsible for your use of the information contained in this newsletter.