Paralysis Proofs: Secure Dynamic Access Structures for Cryptocurrency Custody and More

The growing adoption of digital assets---including but not limited to cryptocurrencies, tokens, and even identities---calls for secure and robust digital asset custody. A common way to distribute the ownership of a digital asset is to use (M, N)-threshold access structures. However, traditional access structures leave users with a painful choice. Setting M = N seems attractive as it offers maximum resistance to share compromise, but it also causes maximum brittleness: a single lost share renders the asset permanently frozen, inducing paralysis. Lowering M improves availability, but degrades security. In this paper, we introduce techniques that address this impasse by making general cryptographic access structures dynamic. The core idea is what we call Paralysis Proofs: evidence that players or shares are provably unavailable. Using Paralysis Proofs, we show how to construct a Dynamic Access Structure System (DASS), which can securely and flexibly update target access structures without a trusted third party. We present DASS constructions that combine a trust anchor (a trusted execution environment or smart contract) with a censorship-resistant channel in the form of a blockchain. We offer a formal framework for specifying DASS policies, and show how to achieve critical security and usability properties (safety, liveness, and paralysis-freeness) in a DASS. To illustrate the wide range of applications, we present three use cases of DASSes for improving digital asset custody: a multi-signature scheme that can "downgrade" the threshold should players become unavailable; a hybrid scheme where the centralized custodian can't refuse service; and a smart-contract-based scheme that supports recovery from unexpected bugs.
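To make the M = N brittleness and the "downgrade" use case concrete, the following is an added, simplified model of a DASS; it is not code from the paper or its authors. It assumes a trust anchor modelled as a Python object (standing in for the paper's TEE or smart contract), a censorship-resistant channel modelled as an in-memory append-only ledger whose `height` stands in for block height, player authorizations modelled as HMAC-SHA256 tags under per-player keys (a stand-in for real digital signatures), and a single assumed policy: a player who fails to answer a publicly posted life-signal challenge within `window` blocks is removed, and an M-of-N structure becomes min(M, N-1)-of-(N-1). The `Ledger`, `TrustAnchor`, `respond` and `demo` names, the challenge/response message layout, and the sample spend request are all constructed for this illustration.

```python
"""Toy DASS driven by paralysis proofs (added example; assumptions listed in the
module docstring's lead-in). A paralysis proof here is the ledger state 'a
challenge was posted at height h, its deadline h+window has passed, and no
valid response by the challenged player appeared before the deadline'."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


def sign(key: bytes, msg: bytes) -> bytes:
    """HMAC tag used as a stand-in for a player's digital signature."""
    return hmac.new(key, msg, hashlib.sha256).digest()


@dataclass
class Ledger:
    """Append-only public log; every entry records the height it appeared at."""
    entries: list = field(default_factory=list)
    height: int = 0

    def post(self, entry: dict) -> int:
        self.entries.append({**entry, "height": self.height})
        return len(self.entries) - 1

    def advance(self, blocks: int) -> None:
        self.height += blocks


def respond(ledger: Ledger, player: str, cid: int, key: bytes) -> None:
    """A live player answers a challenge by posting a tag over its nonce."""
    nonce = ledger.entries[cid]["nonce"].encode()
    ledger.post({"type": "response", "cid": cid, "player": player, "sig": sign(key, nonce)})


@dataclass
class TrustAnchor:
    ledger: Ledger
    players: dict          # player id -> verification key (shared HMAC key in this model)
    threshold: int         # M of an M-of-N structure; N is len(players)
    window: int = 10       # blocks a challenged player has to answer

    def structure(self) -> tuple:
        return (self.threshold, len(self.players))

    def authorize(self, request: bytes, sigs: dict) -> bool:
        """Enforce the current structure: >= M valid tags from distinct current players."""
        valid = {p for p, s in sigs.items() if p in self.players
                 and hmac.compare_digest(sign(self.players[p], request), s)}
        return len(valid) >= self.threshold

    def challenge(self, player: str) -> int:
        """Post a life-signal challenge on the public ledger; returns its index."""
        return self.ledger.post({"type": "challenge", "player": player,
                                 "nonce": secrets.token_hex(8),
                                 "deadline": self.ledger.height + self.window})

    def paralysis_proof(self, cid: int):
        """Return a proof only if the deadline passed with no valid in-time response."""
        ch = self.ledger.entries[cid]
        key = self.players.get(ch["player"])
        if key is None or self.ledger.height <= ch["deadline"]:
            return None
        expected = sign(key, ch["nonce"].encode())
        for e in self.ledger.entries:
            if (e.get("type") == "response" and e["cid"] == cid
                    and e["height"] <= ch["deadline"]
                    and hmac.compare_digest(expected, e["sig"])):
                return None          # the player was alive: no paralysis
        return {"cid": cid, "player": ch["player"]}

    def downgrade(self, proof: dict) -> tuple:
        """Apply the policy after re-verifying the proof against the ledger."""
        if self.paralysis_proof(proof["cid"]) != proof:
            raise ValueError("invalid paralysis proof")
        del self.players[proof["player"]]
        self.threshold = min(self.threshold, len(self.players))
        self.ledger.post({"type": "update", "structure": self.structure()})
        return self.structure()


def demo() -> list:
    """3-of-3 custody where one player vanishes; returns the observed outcomes."""
    ledger = Ledger()
    keys = {p: secrets.token_bytes(32) for p in ("alice", "bob", "carol")}  # constructed
    anchor = TrustAnchor(ledger, dict(keys), threshold=3)
    spend = b"constructed request: transfer asset-0 to dest-addr"
    two = {p: sign(keys[p], spend) for p in ("alice", "bob")}
    out = [anchor.authorize(spend, two)]            # carol lost her key: frozen (False)
    cid = anchor.challenge("carol")
    ledger.advance(5)
    out.append(anchor.paralysis_proof(cid))         # too early: None
    ledger.advance(6)
    out.append(anchor.downgrade(anchor.paralysis_proof(cid)))   # (2, 2)
    out.append(anchor.authorize(spend, two))        # asset usable again (True)
    cid2 = anchor.challenge("alice")
    respond(ledger, "alice", cid2, keys["alice"])   # live player answers in time
    ledger.advance(11)
    out.append(anchor.paralysis_proof(cid2))        # cannot be removed: None
    return out
```

The safety property shows up in `paralysis_proof`: a proof is derived only from entries on the public ledger and only after the deadline, so the anchor cannot remove a player who answered in time, and because `downgrade` re-derives the proof rather than trusting its caller, a forged proof is rejected. Liveness is the other half: a player holding its key can always post a response before the deadline, and once a genuine proof exists the remaining players regain the ability to authorize spends.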
