One-more Unforgeability of Blind ECDSA

Xianrui Qin and Cailing Cai and Tsz Hon Yuen

Abstract: In this paper, we give the first formal security analysis of the one-more unforgeability of blind ECDSA. We start by giving a general attack on blind ECDSA, which is similar to the ROS attack on the blind Schnorr signature. We formulate the ECDSA-ROS problem to capture this attack.

Next, we give a generic construction of blind ECDSA based on an additively homomorphic encryption scheme and a corresponding zero-knowledge proof. Our concrete instantiation is about 40 times more bandwidth efficient than the blind ECDSA in AsiaCCS 2019.

After that, we give the first formal proof of one-more unforgeability for blind ECDSA, under a new model called the algebraic bijective random oracle model. The security of our generic blind ECDSA relies on the hardness of a discrete logarithm-based interactive assumption and an assumption on the underlying elliptic curve.

Finally, we analyze the hardness of the ECDSA-ROS problem in the algebraic bijective random oracle model.

Category / Keywords: public-key cryptography / Blind signature, ECDSA, One-more unforgeability

Original Publication (with minor differences): ESORICS 2021

Date: received 28 Oct 2021

Contact author: xrqin at cs hku hk, clingcai at cs hku hk, thyuen at cs hku hk

