KCRS: A Blockchain-Based Key Compromise Resilient Signature System

Lei Xu; Lin Chen; Zhimin Gao; Xinxin Fan; Kimberly Doan; Shouhuai Xu; Weidong Shi

doi:10.1007/978-981-15-2777-7_19

KCRS: A Blockchain-Based Key Compromise Resilient Signature System

Lei Xu, Lin Chen, Zhimin Gao, Xinxin Fan, Kimberly Doan, Shouhuai Xu, Weidong Shi

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Scopus citations

Abstract

Digital signatures are widely used to assure authenticity and integrity of messages (including blockchain transactions). This assurance is based on assumption that the private signing key is kept secret, which may be exposed or compromised without being detected in the real world. Many schemes have been proposed to mitigate this problem, but most schemes are not compatible with widely used digital signature standards and do not help detect private key exposures. In this paper, we propose a Key Compromise Resilient Signature (KCRS) system, which leverages blockchain to detect key compromises and mitigate the consequences. Our solution keeps a log of valid certificates and digital signatures that have been issued on the blockchain, which can deter the abuse of compromised private keys. Since the blockchain is an open system, KCRS also provides a privacy protection mechanism to prevent the public from learning the relationship between signatures. We present a theoretical framework for the security of the system and a provably-secure construction. We also implement a prototype of KCRS and conduct experiments to demonstrate its practicability.

Original language	English
Title of host publication	Blockchain and Trustworthy Systems - 1st International Conference, BlockSys 2019, Proceedings
Editors	Zibin Zheng, Xiangping Chen, Hong-Ning Dai, Mingdong Tang
Publisher	Springer
Pages	226-239
Number of pages	14
ISBN (Print)	9789811527760
DOIs	https://doi.org/10.1007/978-981-15-2777-7_19
State	Published - 2020
Event	1st International Conference on Blockchain and Trustworthy Systems, BlockSys 2019 - Guangzhou, China Duration: Dec 7 2019 → Dec 8 2019

Publication series

Name	Communications in Computer and Information Science
Volume	1156 CCIS
ISSN (Print)	1865-0929
ISSN (Electronic)	1865-0937

Conference

Conference	1st International Conference on Blockchain and Trustworthy Systems, BlockSys 2019
Country/Territory	China
City	Guangzhou
Period	12/7/19 → 12/8/19

Keywords

Blockchain
Digital signature
Exposure detection
Key Compromise Resilient
Privacy

Access to Document

10.1007/978-981-15-2777-7_19

Cite this

Xu, L., Chen, L., Gao, Z., Fan, X., Doan, K., Xu, S., & Shi, W. (2020). KCRS: A Blockchain-Based Key Compromise Resilient Signature System. In Z. Zheng, X. Chen, H-N. Dai, & M. Tang (Eds.), Blockchain and Trustworthy Systems - 1st International Conference, BlockSys 2019, Proceedings (pp. 226-239). (Communications in Computer and Information Science; Vol. 1156 CCIS). Springer. https://doi.org/10.1007/978-981-15-2777-7_19

@inproceedings{392125af355a456f9914f18ca4f69e6d,

title = "KCRS: A Blockchain-Based Key Compromise Resilient Signature System",

abstract = "Digital signatures are widely used to assure authenticity and integrity of messages (including blockchain transactions). This assurance is based on assumption that the private signing key is kept secret, which may be exposed or compromised without being detected in the real world. Many schemes have been proposed to mitigate this problem, but most schemes are not compatible with widely used digital signature standards and do not help detect private key exposures. In this paper, we propose a Key Compromise Resilient Signature (KCRS) system, which leverages blockchain to detect key compromises and mitigate the consequences. Our solution keeps a log of valid certificates and digital signatures that have been issued on the blockchain, which can deter the abuse of compromised private keys. Since the blockchain is an open system, KCRS also provides a privacy protection mechanism to prevent the public from learning the relationship between signatures. We present a theoretical framework for the security of the system and a provably-secure construction. We also implement a prototype of KCRS and conduct experiments to demonstrate its practicability.",

keywords = "Blockchain, Digital signature, Exposure detection, Key Compromise Resilient, Privacy",

author = "Lei Xu and Lin Chen and Zhimin Gao and Xinxin Fan and Kimberly Doan and Shouhuai Xu and Weidong Shi",

note = "Funding Information: Acknowledgment. This work is supported in part by AFRL Grant #FA8750-19-1-0019 and NSF CREST Grant #1736209. Publisher Copyright: {\textcopyright} 2020, Springer Nature Singapore Pte Ltd.; 1st International Conference on Blockchain and Trustworthy Systems, BlockSys 2019 ; Conference date: 07-12-2019 Through 08-12-2019",

year = "2020",

doi = "10.1007/978-981-15-2777-7_19",

language = "English",

isbn = "9789811527760",

series = "Communications in Computer and Information Science",

publisher = "Springer",

pages = "226--239",

editor = "Zibin Zheng and Xiangping Chen and Hong-Ning Dai and Mingdong Tang",

booktitle = "Blockchain and Trustworthy Systems - 1st International Conference, BlockSys 2019, Proceedings",

}

Xu, L, Chen, L, Gao, Z, Fan, X, Doan, K, Xu, S & Shi, W 2020, KCRS: A Blockchain-Based Key Compromise Resilient Signature System. in Z Zheng, X Chen, H-N Dai & M Tang (eds), Blockchain and Trustworthy Systems - 1st International Conference, BlockSys 2019, Proceedings. Communications in Computer and Information Science, vol. 1156 CCIS, Springer, pp. 226-239, 1st International Conference on Blockchain and Trustworthy Systems, BlockSys 2019, Guangzhou, China, 12/7/19. https://doi.org/10.1007/978-981-15-2777-7_19

KCRS: A Blockchain-Based Key Compromise Resilient Signature System. / Xu, Lei; Chen, Lin; Gao, Zhimin et al.
Blockchain and Trustworthy Systems - 1st International Conference, BlockSys 2019, Proceedings. ed. / Zibin Zheng; Xiangping Chen; Hong-Ning Dai; Mingdong Tang. Springer, 2020. p. 226-239 (Communications in Computer and Information Science; Vol. 1156 CCIS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - KCRS

T2 - 1st International Conference on Blockchain and Trustworthy Systems, BlockSys 2019

AU - Xu, Lei

AU - Chen, Lin

AU - Gao, Zhimin

AU - Fan, Xinxin

AU - Doan, Kimberly

AU - Xu, Shouhuai

AU - Shi, Weidong

PY - 2020

Y1 - 2020

N2 - Digital signatures are widely used to assure authenticity and integrity of messages (including blockchain transactions). This assurance is based on assumption that the private signing key is kept secret, which may be exposed or compromised without being detected in the real world. Many schemes have been proposed to mitigate this problem, but most schemes are not compatible with widely used digital signature standards and do not help detect private key exposures. In this paper, we propose a Key Compromise Resilient Signature (KCRS) system, which leverages blockchain to detect key compromises and mitigate the consequences. Our solution keeps a log of valid certificates and digital signatures that have been issued on the blockchain, which can deter the abuse of compromised private keys. Since the blockchain is an open system, KCRS also provides a privacy protection mechanism to prevent the public from learning the relationship between signatures. We present a theoretical framework for the security of the system and a provably-secure construction. We also implement a prototype of KCRS and conduct experiments to demonstrate its practicability.

AB - Digital signatures are widely used to assure authenticity and integrity of messages (including blockchain transactions). This assurance is based on assumption that the private signing key is kept secret, which may be exposed or compromised without being detected in the real world. Many schemes have been proposed to mitigate this problem, but most schemes are not compatible with widely used digital signature standards and do not help detect private key exposures. In this paper, we propose a Key Compromise Resilient Signature (KCRS) system, which leverages blockchain to detect key compromises and mitigate the consequences. Our solution keeps a log of valid certificates and digital signatures that have been issued on the blockchain, which can deter the abuse of compromised private keys. Since the blockchain is an open system, KCRS also provides a privacy protection mechanism to prevent the public from learning the relationship between signatures. We present a theoretical framework for the security of the system and a provably-secure construction. We also implement a prototype of KCRS and conduct experiments to demonstrate its practicability.

KW - Blockchain

KW - Digital signature

KW - Exposure detection

KW - Key Compromise Resilient

KW - Privacy

UR - http://www.scopus.com/inward/record.url?scp=85079241553&partnerID=8YFLogxK

U2 - 10.1007/978-981-15-2777-7_19

DO - 10.1007/978-981-15-2777-7_19

M3 - Conference contribution

AN - SCOPUS:85079241553

SN - 9789811527760

T3 - Communications in Computer and Information Science

SP - 226

EP - 239

BT - Blockchain and Trustworthy Systems - 1st International Conference, BlockSys 2019, Proceedings

A2 - Zheng, Zibin

A2 - Chen, Xiangping

A2 - Dai, Hong-Ning

A2 - Tang, Mingdong

PB - Springer

Y2 - 7 December 2019 through 8 December 2019

ER -

Xu L, Chen L, Gao Z, Fan X, Doan K, Xu S et al. KCRS: A Blockchain-Based Key Compromise Resilient Signature System. In Zheng Z, Chen X, Dai H-N, Tang M, editors, Blockchain and Trustworthy Systems - 1st International Conference, BlockSys 2019, Proceedings. Springer. 2020. p. 226-239. (Communications in Computer and Information Science). doi: 10.1007/978-981-15-2777-7_19

KCRS: A Blockchain-Based Key Compromise Resilient Signature System

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this