Securing Bitcoin wallets via a new DSA / ECDSA threshold signature scheme

The Bitcoin ecosystem has suffered frequent thefts and losses affecting both businesses and individuals. Due to the irreversibility, automation, and pseudonymity of transactions, Bitcoin currently lacks support for the sophisticated internal control systems deployed by modern businesses to deter fraud. To address this problem, we present the first threshold signature scheme compatible with Bitcoin’s ECDSA signatures and show how distributed Bitcoin wallets can be built using this primitive. For businesses, we show how our distributed wallets can be used to systematically eliminate single points of failure at every stage of the flow of bitcoins through the system. For individuals, we design, implement, and evaluate a two-factor secure Bitcoin wallet.
