Cryptology ePrint Archive: Report 2019/315

Blockchains from Non-Idealized Hash Functions

Juan A. Garay and Aggelos Kiayias and Giorgos Panagiotakos

Abstract: The formalization of concrete, non-idealized hash function properties sufficient to prove the security of Bitcoin and related protocols has been elusive, as all previous security analyses of blockchain protocols have been performed in the random oracle model. In this paper we identify three such properties, and then construct a blockchain protocol whose security can be reduced to them in the standard model assuming a common reference string (CRS).

The three properties are: {\em collision resistance}, {\em computational randomness extraction} and {\em iterated hardness}. While the first two properties have been extensively studied, iterated hardness has been empirically stress-tested since the rise of Bitcoin; in fact, as we demonstrate in this paper, any attack against it (assuming the other two properties hold) results in an attack against Bitcoin.

In addition, iterated hardness puts forth a new class of search problems which we term {\em iterated search problems} (ISP). ISPs enable the concise and modular specification of blockchain protocols, and may be of independent interest.

Category / Keywords: foundations / blockchain protocols, proof-of-work, falsifiable assumptions, non-idealized hash functions

Original Publication (with minor differences): IACR-TCC-2020

Date: received 21 Mar 2019, last revised 13 Nov 2020

Contact author: pagio91i at gmail com, akiayias at inf ed ac uk, garay at cse tamu edu

Available format(s): PDF | BibTeX Citation

Note: Rewritten focusing on non-idealized hash functions.

Version: 20201113:135020 (All versions of this report)

Short URL: ia.cr/2019/315


[ Cryptology ePrint archive ]