PoW-Based Distributed Cryptography with No Trusted Setup

Motivated by the recent success of Bitcoin we study the question of constructing distributed cryptographic protocols in a fully peer-to-peer scenario under the assumption that the adversary has limited computing power and there is no trusted setup (like PKI, or an unpredictable beacon). We propose a formal model for this scenario and then we construct a broadcast protocol in it. This protocol is secure under the assumption that the honest parties have computing power that is some non-negligible fraction of computing power of the adversary (this fraction can be small, in particular it can be much less than 1 / 2), and a (rough) total bound on the computing power in the system is known.

[1]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[2]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[3]  Danny Dolev,et al.  Authenticated Algorithms for Byzantine Agreement , 1983, SIAM J. Comput..

[4]  Michael O. Rabin,et al.  Transaction Protection by Beacons , 1983, J. Comput. Syst. Sci..

[5]  László Babai,et al.  Trading group theory for randomness , 1985, STOC '85.

[6]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[7]  Shafi Goldwasser,et al.  Private coins versus public coins in interactive proof systems , 1986, STOC '86.

[8]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[9]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[10]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[11]  David Chaum,et al.  Multiparty Unconditionally Secure Protocols (Extended Abstract) , 1988, STOC.

[12]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[13]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[14]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[15]  Yehuda Lindell,et al.  Universally composable two-party and multi-party secure computation , 2002, STOC '02.

[16]  Adam Back,et al.  Hashcash - A Denial of Service Counter-Measure , 2002 .

[17]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[18]  Jeffrey Considine,et al.  Byzantine Agreement Given Partial Broadcast , 2005, Journal of Cryptology.

[19]  J. Aspnes,et al.  Exposing Computationally-Challenged Byzantine Impostors , 2005 .

[20]  Moni Naor,et al.  Pebbling and Proofs of Work , 2005, CRYPTO.

[21]  Moni Naor,et al.  Split-ballot voting: Everlasting privacy with distributed trust , 2007, TSEC.

[22]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[23]  Ivan Damgård,et al.  Secure Multiparty Computation Goes Live , 2009, Financial Cryptography.

[24]  Jeremy Clark,et al.  On the Use of Financial Data as a Random Beacon , 2010, EVT/WOTE.

[25]  Ueli Maurer,et al.  Universally Composable Synchronous Computation , 2013, TCC.

[26]  Lear Bahack,et al.  Theoretical Bitcoin Attacks with less than Half of the Computational Power (draft) , 2013, IACR Cryptol. ePrint Arch..

[27]  Elaine Shi,et al.  Pseudonymous Secure Computation from Time-Lock Puzzles , 2014, IACR Cryptol. ePrint Arch..

[28]  Marcin Andrychowicz,et al.  Distributed Cryptography Based on the Proofs of Work , 2014, IACR Cryptol. ePrint Arch..

[29]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.