Paper 2024/275

The Multi-user Constrained PRF Security of Generalized GGM Trees for MPC and Hierarchical Wallets

Chun Guo, Shandong University
Xiao Wang, Northwestern University
Xiang Xie, Shanghai Qizhi Institute
Yu Yu, Shanghai Jiao Tong University
Abstract

Multi-user (mu) security considers large-scale attackers that, given access to a number of cryptosystem instances, attempt to compromise at least one of them. We initiate the study of mu security of the so-called GGM tree that stems from the PRG-to-PRF transformation of Goldreich, Goldwasser, and Micali, with the goal of providing references for its recently popularized use in applied cryptography. We propose a generalized model for GGM trees and analyze its mu prefix-constrained PRF security in the random oracle model. Our model allows one to derive concrete bounds and improvements for various protocols, and we showcase it on the Bitcoin-Improvement-Proposal standard Bip32 hierarchical wallets and on function secret sharing (FSS) protocols. In both scenarios, we propose improvements with better performance and concrete security bounds at the same time. Compared with the state-of-the-art designs, our SHACAL3- and Keccak-𝑝-based Bip32 variants reduce the communication cost of MPC-based implementations by 73.3%∼93.8%, while our AES-based FSS substantially improves mu security while reducing computations by 50%.
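To make the object the abstract studies concrete, here is an added example (not code from the paper or its authors) of the classic GGM tree and its prefix-constrained keys. It models the length-doubling PRG with two domain-separated SHA-256 calls, an assumption in the spirit of the random-oracle analysis rather than the paper's SHACAL3-, Keccak-𝑝- or AES-based instantiations; the function names (`prg`, `ggm_eval`, `constrain`, `constrained_eval`) are this example's own. It shows the property a constrained PRF must provide: a party holding only the key for prefix `p` can evaluate every input under `p` and nothing outside it, which is exactly the structure that hierarchical wallets and FSS rely on.

```python
import hashlib


def prg(seed: bytes) -> tuple[bytes, bytes]:
    """Length-doubling PRG G(seed) = (G_0(seed), G_1(seed)).

    Assumption: modelled as two domain-separated SHA-256 calls, a stand-in
    for a random oracle; the paper's concrete designs differ.
    """
    left = hashlib.sha256(b"\x00" + seed).digest()
    right = hashlib.sha256(b"\x01" + seed).digest()
    return left, right


def ggm_eval(key: bytes, bits: str) -> bytes:
    """Walk the GGM tree from `key` along the bit string `bits`.

    Each bit selects the left ('0') or right ('1') half of the PRG output
    of the current node; the leaf reached is the PRF value F(key, bits).
    """
    node = key
    for b in bits:
        if b not in "01":
            raise ValueError("input must be a binary string")
        left, right = prg(node)
        node = left if b == "0" else right
    return node


def constrain(key: bytes, prefix: str) -> bytes:
    """Prefix-constrained key: the internal tree node at `prefix`.

    Releasing this node lets the holder evaluate every input that starts
    with `prefix`; inputs outside the subtree stay hidden because the PRG
    cannot be run backwards to recover the parent.
    """
    return ggm_eval(key, prefix)


def constrained_eval(ckey: bytes, prefix: str, x: str) -> bytes:
    """Evaluate F on `x` using only the constrained key for `prefix`."""
    if not x.startswith(prefix):
        raise ValueError(f"input {x!r} lies outside the constrained prefix {prefix!r}")
    return ggm_eval(ckey, x[len(prefix):])


def subtree_leaves(ckey: bytes, prefix: str, depth: int) -> dict[str, bytes]:
    """Expand the whole subtree under `prefix` down to `depth` total bits.

    This is the 'derive all child keys' pattern: the holder of a
    constrained key can enumerate every leaf below it locally.
    """
    leaves = {}
    for i in range(2 ** (depth - len(prefix))):
        suffix = format(i, f"0{depth - len(prefix)}b") if depth > len(prefix) else ""
        leaves[prefix + suffix] = ggm_eval(ckey, suffix)
    return leaves


if __name__ == "__main__":
    # Constructed sample key; a real deployment draws it from a CSPRNG.
    master = bytes(range(32))
    ck = constrain(master, "01")
    # The constrained holder and the master-key holder agree on inputs under "01".
    print(ggm_eval(master, "0110").hex() == constrained_eval(ck, "01", "0110").hex())
    # The constrained holder cannot even form a request for "10...".
    try:
        constrained_eval(ck, "01", "1011")
    except ValueError as e:
        print("refused:", e)
    for path, leaf in subtree_leaves(ck, "01", 4).items():
        print(path, leaf.hex()[:16])
```

The multi-user setting the paper analyzes corresponds to running this construction under many independent master keys at once; the question it answers is how the attacker's advantage grows with the number of instances and the number of tree nodes it can observe, which is what determines how many wallets or FSS keys a single PRG instantiation can safely back.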

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. ACM Transactions on Privacy and Security (TOPS, previously known as TISSEC)
DOI
10.1145/3592608
Keywords
GGM tree, constrained PRF, multi-user security, FSS protocol, Bip32
Contact author(s)
chun guo sc @ gmail com
wangxiao @ cs northwestern edu
xiexiangiscas @ gmail com
yuyu @ cs sjtu edu cn
History
2024-02-22: last of 2 revisions
2024-02-19: received
Short URL
https://ia.cr/2024/275
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2024/275,
      author = {Chun Guo and Xiao Wang and Xiang Xie and Yu Yu},
      title = {The Multi-user Constrained PRF Security of Generalized GGM Trees for MPC and Hierarchical Wallets},
      howpublished = {Cryptology ePrint Archive, Paper 2024/275},
      year = {2024},
      doi = {10.1145/3592608},
      note = {\url{https://eprint.iacr.org/2024/275}},
      url = {https://eprint.iacr.org/2024/275}
}