Secure hierarchical Bitcoin wallet scheme against privilege escalation attacks
International Journal of Information Security (IF 3.2), Pub Date: 2019-11-08, DOI: 10.1007/s10207-019-00476-5
Chun-I Fan, Yi-Fan Tseng, Hui-Po Su, Ruei-Hau Hsu, Hiroaki Kikuchi

With the rising popularity of Bitcoin, people tend to use Bitcoin wallets to manage the keys for spending or receiving funds. Instead of generating key pairs at random, which may require higher space complexity for key management, hierarchical deterministic (HD) wallets derive all the keys from a single seed, which is sufficient to recover all of them, reducing the complexity of key management. An HD wallet allows users to generate child public keys from the parent public keys without knowing any of the corresponding private keys. This feature allows a permitted auditor to derive all the public keys for auditing. However, this feature makes HD wallets suffer from so-called privilege escalation attacks, where the leakage of any child private key along with its parent public key exposes the other child private keys. To address this security flaw, we propose a novel HD wallet scheme that gives out a signature with trapdoor hash functions instead of directly giving private keys for signing. Since it conceals private keys from any child nodes, it can prevent privilege escalation attacks. The proposed scheme also provides unlinkability between two public keys to achieve anonymity of user identities, and high scalability for the derivation of a huge number of keys. Thus, the proposed scheme achieves user anonymity, public key derivation, and high scalability.

Updated: 2019-11-08