ETHDKG: Distributed Key Generation with Ethereum Smart Contracts

Distributed key generation (DKG) is a fundamental building block for a variety of cryptographic schemes and protocols, such as threshold cryptography, multi-party coin tossing schemes, public randomness beacons and consensus protocols. More recently, the surge in interest in blockchain technologies, and in particular the quest for scalable protocol designs, has renewed and strengthened the need for efficient and practical DKG schemes. Surprisingly, given the broad range of applications and the available body of research, fully functional and readily available DKG protocol implementations still remain limited. This paper aims to close this gap by tailoring Gennaro et al.'s [1] well-known protocol design towards being efficiently implementable within public cryptocurrency ecosystems such as Ethereum. Our theoretical improvements are supported by an open source, fully functional, well documented DKG implementation that can employ any Ethereum Virtual Machine (EVM) compatible smart contract platform as a communication layer. We evaluate the efficiency of our protocol and demonstrate its practicability through the deployment and successful execution of our DKG contract in the Ethereum Ropsten testnet. Given the current Ethereum block gas limit, all steps required for the key generation process, even in demanding scenarios tested with up to 256 nodes, can be verified at the smart contract level.

[1] Dan Boneh et al. Compact Multi-Signatures for Smaller Blockchains. IACR Cryptol. ePrint Arch., 2018.

[2] S. Matthew Weinberg et al. Arbitrum: Scalable, private smart contracts. USENIX Security Symposium, 2018.

[3] Matthew Green et al. Fairness in an Unfair World: Fair Multiparty Computation from Public Bulletin Boards. CCS, 2017.

[4] Carmela Troncoso et al. Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments. Proc. Priv. Enhancing Technol., 2017.

[5] Joseph Poon et al. Plasma: Scalable Autonomous Smart Contracts. 2017.

[6] Narjes Ben Rajeb et al. Distributed key generation protocol with a new complaint management strategy. Secur. Commun. Networks, 2016.

[7] Hubert Ritzdorf et al. On the Security and Performance of Proof of Work Blockchains. IACR Cryptol. ePrint Arch., 2016.

[8] Aviv Zohar et al. Bitcoin's Security Model Revisited. arXiv, 2016.

[9] Aggelos Kiayias et al. The Bitcoin Backbone Protocol: Analysis and Applications. EUROCRYPT, 2015.

[10] Ian Goldberg et al. Distributed Key Generation in the Wild. IACR Cryptol. ePrint Arch., 2012.

[11] Patrick Longa et al. Faster Explicit Formulas for Computing Pairings over Ordinary Curves. EUROCRYPT, 2011.

[12] Francisco Rodríguez-Henríquez et al. High-Speed Software Implementation of the Optimal Ate Pairing over Barreto-Naehrig Curves. Pairing, 2010.

[13] Ian Goldberg et al. Distributed Key Generation for the Internet. 29th IEEE International Conference on Distributed Computing Systems, 2009.

[14] H. Krawczyk et al. Revisiting the Distributed Key Generation for Discrete-Log Based Cryptosystems. 2007.

[15] Hugo Krawczyk et al. Secure Distributed Key Generation for Discrete-Log Based Cryptosystems. Journal of Cryptology, 1999.

[16] Hovav Shacham et al. Short Signatures from the Weil Pairing. J. Cryptol., 2001.

[17] Hovav Shacham et al. Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. EUROCRYPT, 2003.

[18] Hugo Krawczyk et al. Secure Applications of Pedersen's Distributed Key Generation Protocol. CT-RSA, 2003.

[19] Miguel Castro et al. Practical byzantine fault tolerance and proactive recovery. TOCS, 2002.

[20] Matthew K. Franklin et al. Efficient generation of shared RSA keys. JACM, 2001.

[21] Hugo Krawczyk et al. Adaptive Security for Threshold Cryptosystems. CRYPTO, 1999.

[22] J. Camenisch et al. Proof systems for general statements about discrete logarithms. 1997.

[23] David Chaum et al. Wallet Databases with Observers. CRYPTO, 1992.

[24] Torben P. Pedersen. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing. CRYPTO, 1991.

[25] Torben P. Pedersen. A Threshold Cryptosystem without a Trusted Party (Extended Abstract). EUROCRYPT, 1991.

[26] Paul Feldman et al. A practical scheme for non-interactive verifiable secret sharing. 28th Annual Symposium on Foundations of Computer Science (sfcs 1987), 1987.

[27] Taher El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory, 1984.

[28] Adi Shamir et al. How to share a secret. CACM, 1979.

[29] G. R. Blakley et al. Safeguarding cryptographic keys. 1979 International Workshop on Managing Requirements Knowledge (MARK), 1979.