skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Minimizing Trust in Hardware Wallets with Two Factor Signatures
We introduce the notion of two-factor signatures (2FS), a generalization of a two-out-of-two threshold signature scheme in which one of the parties is a hardware token which can store a high-entropy secret, and the other party is a human who knows a low-entropy password. The security (unforgeability) property of 2FS requires that an external adversary corrupting either party (the token or the computer the human is using) cannot forge a signature. This primitive is useful in contexts like hardware cryptocurrency wallets in which a signature conveys the authorization of a transaction. By the above security property, a hardware wallet implementing a two-factor signature scheme is secure against attacks mounted by a malicious hardware vendor; in contrast, all currently used wallet systems break under such an attack (and as such are not secure under our definition). We construct efficient provably-secure 2FS schemes which produce either Schnorr signature (assuming the DLOG assumption), or EC-DSA signatures (assuming security of EC-DSA and the CDH assumption) in the Random Oracle Model, and evaluate the performance of implementations of them. Our EC-DSA based 2FS scheme can directly replace currently used hardware wallets for Bitcoin and other major cryptocurrencies to enable security against malicious hardware vendors.  more » « less
Award ID(s):
1704788
PAR ID:
10094253
Author(s) / Creator(s):
; ;
Date Published:
Journal Name:
Financial Crypto
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; (, 2019 IEEE Global Communications Conference (GLOBECOM))
    Bitcoin and other cryptocurrencies have become popular and motivate more hackers to steal digital funds. Users protect their private keys using crypto wallets to keep their funds safe from hackers. While the most secure option is hardware wallet, it suffers from lack of a secure and convenient backup and recovery process. Almost all existing wallets use mnemonics to back up the private keys, and a user must write down these words on a piece of paper. This approach is not only inconvenient but also problematic since the paper could be lost or stolen, resulting in a hacker recovering the keys. In this paper, we propose a new digital scheme to securely back up a hardware wallet relying on the side-channel human visual verification enabled by display screen on a hardware wallet. Using this method, we transfer the root of private keys from one hardware wallet to another wallet securely even via an untrusted terminal, such as a smartphone. At the end of this process, the user has two hardware wallets with the same private keys while she may use one of them as the main wallet and another one as a backup wallet. 
    more » « less
  2. ; (, 2020 IEEE 6th International Conference on Computer and Communications (ICCC))
    null (Ed.)
    A significant challenge in blockchain and cryptocurrencies is protecting private keys from potential hackers because nobody can rollback a transaction made with a stolen key once the blockchain network confirms the transaction. The technical solution to protect private keys is cryptocurrency wallets, a piece of software, hardware, or a combination of them to manage the keys. In this paper, we propose a multilayered architecture for cryptocurrency wallets based on a Defense-in-Depth strategy to protect private keys with a balance between convenience and security. The user protects the private keys in three restricted layers with different protection mechanisms. So, a single breach cannot threaten the entire fund, and it saves time for the user to respond. We implement a proof-of-concept of our proposed architecture on both a smart card hardware wallet and an Android smartphone wallet with no performance penalty. Furthermore, we analyze the security of our proposed architecture with two adversary models. 
    more » « less
  3. (, EUROCRYPT 2019)
    Public key quantum money can be seen as a version of the quantum no-cloning theorem that holds even when the quantum states can be verified by the adversary. In this work, we investigate quantum lightning where no-cloning holds even when the adversary herself gener- ates the quantum state to be cloned. We then study quantum money and quantum lightning, showing the following results: – We demonstrate the usefulness of quantum lightning beyond quan- tum money by showing several potential applications, such as gen- erating random strings with a proof of entropy, to completely decen- tralized cryptocurrency without a block-chain, where transactions is instant and local. – We give Either/Or results for quantum money/lightning, showing that either signatures/hash functions/commitment schemes meet very strong recently proposed notions of security, or they yield quan- tum money or lightning. Given the difficulty in constructing public key quantum money, this suggests that natural schemes do attain strong security guarantees. – We show that instantiating the quantum money scheme of Aaron- son and Christiano [STOC’12] with indistinguishability obfuscation that is secure against quantum computers yields a secure quantum money scheme. This construction can be seen as an instance of our Either/Or result for signatures, giving the first separation between two security notions for signatures from the literature. – Finally, we give a plausible construction for quantum lightning, which we prove secure under an assumption related to the multi- collision resistance of degree-2 hash functions. Our construction is inspired by our Either/Or result for hash functions, and yields the first plausible standard model instantiation of a non-collapsing col- lision resistant hash function. This improves on a result of Unruh [Eurocrypt’16] which is relative to a quantum oracle. 
    more » « less
  4. ; (, 2019 IEEE International Conference on Blockchain (Blockchain))
    A big challenge in cryptocurrency is securing a user key from potential hackers because nobody can rollback a transaction made by an attacker with a stolen key once the blockchain network confirms it. One solution to protect users is splitting the money between super-wallet and sub-wallet. The user stores a large amount of money on her super-wallet and keeps it safe; she refills the sub-wallet when she needs while using the sub-wallet for her daily purchases. In this paper, we propose a new scheme to create sub-wallet that we call deterministic sub-wallet. In this scheme, the seed of the sub-wallet keys is derived from the super-wallet master seed, and therefore the super-wallet can build many sub-wallet addresses and refill them in a single blockchain transaction. Compared to existing approaches, our mechanism is cheaper, real-time, more secure against man-in-the-middle attack and easier for backup and recovery. We implement a proof-of-concept on a hardware wallet and evaluate its performance. In addition, we analyze the attacks and defenses of this design to demonstrate that our proposed method has a higher level of security than existing models. 
    more » « less
  5. ; ; ; ; ; (, IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom))
    null (Ed.)
    Collaborative intrusion detection system (CIDS) shares the critical detection-control information across the nodes for improved and coordinated defense. Software-defined network (SDN) introduces the controllers for the networking control, including for the networks spanning across multiple autonomous systems, and therefore provides a prime platform for CIDS application. Although previous research studies have focused on CIDS in SDN, the real-time secure exchange of the detection relevant information (e.g., the detection signature) remains a critical challenge. In particular, the CIDS research still lacks robust trust management of the SDN controllers and the integrity protection of the collaborative defense information to resist against the insider attacks transmitting untruthful and malicious detection signatures to other participating controllers. In this paper, we propose a blockchain-enabled collaborative intrusion detection in SDN, taking advantage of the blockchain’s security properties. Our scheme achieves three important security goals: to establish the trust of the participating controllers by using the permissioned blockchain to register the controller and manage digital certificates, to protect the integrity of the detection signatures against malicious detection signature injection, and to attest the delivery/update of the detection signature to other controllers. Our experiments in CloudLab based on a prototype built on Ethereum, Smart Contract, and IPFS demonstrates that our approach efficiently shares and distributes detection signatures in real-time through the trustworthy distributed platform. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email