Paper 2022/888
Tweakable Sleeve: A Novel Sleeve Construction based on Tweakable Hash Functions
Abstract
Recently, Chaum et al. (ACNS'21) introduced $\mathcal{S}_{leeve}$, which describes an extra security layer for signature schemes, i.e., ECDSA. This distinctive feature is a new key generation mechanism, allowing users to generate a ''back up key'' securely nested inside the secret key of a signature scheme. Using this novel construction, the ''back up key'', which is secret, can be used to generate a ''proof of ownership'', i.e., only the rightful owner of this secret key can generate such a proof. This design offers a quantum secure fallback, i.e., a brand new quantum resistant signature, ready to be used, nested in the ECDSA secret key. In this work, we rely on the original $\mathcal{S}_{leeve}$ definition to generalize the construction to a modular design based on Tweakable Hash Functions, thus yielding a cleaner design of the primitive. Furthermore, we provide a thorough security analysis taking into account the security of the ECDSA signature scheme, which is lacking in the original work. Finally, we provide an analysis based on formal methods using Verifpal assuring the security guarantees our construction provides.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. MARBLE 2022
- Keywords
- provable security digital wallet hash-based signatures
- Contact author(s)
-
david @ chaum com
mario larangeira @ iohk io
mario yaksetig @ fe up pt - History
- 2022-07-07: approved
- 2022-07-07: received
- See all versions
- Short URL
- https://ia.cr/2022/888
- License
-
CC0
BibTeX
@misc{cryptoeprint:2022/888, author = {David Chaum and Mario Larangeira and Mario Yaksetig}, title = {Tweakable Sleeve: A Novel Sleeve Construction based on Tweakable Hash Functions}, howpublished = {Cryptology {ePrint} Archive, Paper 2022/888}, year = {2022}, url = {https://eprint.iacr.org/2022/888} }