A Composable Security Treatment of the Lightning Network

The high latency and low throughput of blockchain protocols constitute one of the fundamental barriers to their wider adoption. Overlay protocols, notably the lightning network, have been touted as the most viable direction for rectifying this in practice. In this work we present for the first time a full formalisation and security analysis of the lightning network in the (global) universal composition setting that leverages a global ledger functionality, for which realisability by the Bitcoin blockchain protocol has been demonstrated in previous work [Badertscher et al., Crypto’17]. As a result, our treatment delineates exactly how the security guarantees of the protocol depend on the properties of the underlying ledger and the frequent availability of the protocol participants. Moreover, we provide a complete and modular description of the core of the lightning protocol that highlights precisely its dependency on underlying basic cryptographic primitives such as digital signatures, pseudorandom functions, identity-based signatures and a less common two-party primitive, which we term a combined digital signature, that were originally hidden within the lightning protocol’s implementation.
