Paper 2021/1449

One-more Unforgeability of Blind ECDSA

Xianrui Qin, Cailing Cai, and Tsz Hon Yuen

Abstract

In this paper, we give the first formal security analysis of the one-more unforgeability of blind ECDSA. We start by giving a general attack on blind ECDSA, which is similar to the ROS attack on the blind Schnorr signature. We formulate the ECDSA-ROS problem to capture this attack. Next, we give a generic construction of blind ECDSA based on an additively homomorphic encryption scheme and a corresponding zero-knowledge proof. Our concrete instantiation is about 40 times more bandwidth efficient than the blind ECDSA scheme from AsiaCCS 2019. After that, we give the first formal proof of one-more unforgeability for blind ECDSA, under a new model called the algebraic bijective random oracle. The security of our generic blind ECDSA relies on the hardness of a discrete logarithm-based interactive assumption and an assumption on the underlying elliptic curve. Finally, we analyze the hardness of the ECDSA-ROS problem in the algebraic bijective random oracle model.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. ESORICS 2021
Keywords
Blind signature, ECDSA, One-more unforgeability
Contact author(s)
xrqin @ cs hku hk
clingcai @ cs hku hk
thyuen @ cs hku hk
History
2021-10-29: received
Short URL
https://ia.cr/2021/1449
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1449,
      author = {Xianrui Qin and Cailing Cai and Tsz Hon Yuen},
      title = {One-more Unforgeability of Blind {ECDSA}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1449},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1449}
}