学术报告|基于加法密钥派生和预签名的门限ECDSA签名算法分析

浙江大学网络空间安全学院

学术报告

  摘 要  

In this talk we will give an introduction to the Internet Computer and dive into the threshold ECDSA signing service that enables smart contracts to sign Bitcoin and Ethereum transactions. The ECDSA signing service supports BIP32 key derivation such that all smart contract public keys can be derived from a single public key, which simplifies key management, and early construction of pre-signatures to enable fast one-round signing of messages. We analyze combinations of these optimization techniques and show for standard non-threshold ECDSA that additive key generation is secure and pre-computation is secure, but combining additive key derivation and pre-computation leads to non-tight security. Fortunately, we can save the combination and tighten security through public re-randomization of the precomputation, which is the solution implemented on the Internet Computer.

  报告人简介  

Jens is a leading cryptographer who has invented pairing-based NIZK proofs, pairing-based SNARKs, and logarithmic size proof systems underpinning Bulletproofs. He got a PhD from Aarhus University, the Chancellor's Award for Postdoctoral Research at UCLA, became Professor of Cryptology at UCL, and has published more than 50 scientific articles.