Computer Science (计算机科学), 2023, Vol. 50, Issue (6): 307-312. doi: 10.11896/jsjkx.220600069

• Information Security •

Multi-factor Blockchain Private Key Protection Scheme Based on Secret Sharing

XIAO Jian, YANG Min

  1. Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
    School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
  • Received: 2022-06-07 Revised: 2022-11-09 Online: 2023-06-15 Published: 2023-06-06
  • Corresponding author: YANG Min (yangm@whu.edu.cn)
  • Author contact: (smithrb@163.com)
  • About author: XIAO Jian, born in 1999, postgraduate, is a member of China Computer Federation. His main research interests include blockchain and applied cryptography. YANG Min, born in 1975, Ph.D, associate professor, master supervisor, is a member of China Computer Federation. Her main research interests include information security and applied cryptography.
  • Supported by:
    National Natural Science Foundation of China (62172308) and National Key R & D Program of China (2021YFB2700200).

Abstract: To address the problem that a user's private key is difficult to retrieve once lost, because the blockchain lacks a recovery mechanism, a multi-factor blockchain private key protection scheme based on passwords, secret questions and fingerprints is proposed. The scheme does not require users to store additional information, can be implemented completely online, and adopts an anti-forgetting factor access strategy. During the registration phase, the user provides all factor information (password, secret question and fingerprint) together with the blockchain private key, and uses a secret sharing scheme to assign secret shares to a group of servers. In the recovery phase, the user only needs to provide some of the factors and send recovery requests to multiple servers to obtain the information of the secret shares and reconstruct the blockchain private key. Experimental results and heuristic security analysis show that the computing cost of both client and server in this scheme is at the millisecond level, and that the scheme can resist known attacks and provides better security by supporting multiple factors.

Key words: Multi-factor blockchain private key protection, Secret sharing, Password-protected secret sharing, Fuzzy extraction

CLC Number: 

  • TP309.7