This work presents Arcula, a new design for hierarchical deterministic wallets that brings identity-based public keys to the blockchain. Arcula is built on top of provably secure cryptographic primitives. It generates all its cryptographic secrets from a user-provided seed and enables the derivation of new public keys based on the identities of users, without requiring any secret information. Unlike other wallets, it achieves all these properties while being secure against privilege escalation. We formalize the security model of hierarchical deterministic wallets and prove that an attacker compromising an arbitrary number of users within an Arcula wallet cannot escalate his privileges and compromise users higher in the access hierarchy. Our design works out-of-the-box with any blockchain that enables the verification of signatures on arbitrary messages. We evaluate its usage in a real-world scenario on the Bitcoin Cash network.
Arcula: A secure hierarchical deterministic wallet for multi-asset blockchains / Di Luzio, A.; Francati, D.; Ateniese, G.. - 12579:(2020), pp. 323-343. ( 19th International Conference on Cryptology and Network Security, CANS 2020 vienna; austria ) [10.1007/978-3-030-65411-5_16].
Arcula: A secure hierarchical deterministic wallet for multi-asset blockchains
Di Luzio A.Primo
;Francati D.
Secondo
;Ateniese G.
2020
Abstract
This work presents Arcula, a new design for hierarchical deterministic wallets that brings identity-based public keys to the blockchain. Arcula is built on top of provably secure cryptographic primitives. It generates all its cryptographic secrets from a user-provided seed and enables the derivation of new public keys based on the identities of users, without requiring any secret information. Unlike other wallets, it achieves all these properties while being secure against privilege escalation. We formalize the security model of hierarchical deterministic wallets and prove that an attacker compromising an arbitrary number of users within an Arcula wallet cannot escalate his privileges and compromise users higher in the access hierarchy. Our design works out-of-the-box with any blockchain that enables the verification of signatures on arbitrary messages. We evaluate its usage in a real-world scenario on the Bitcoin Cash network.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
