Secure hierarchical deterministic wallet supporting stealth address

Author

Xin YIN, Shanghai Jiao Tong University
Zhen LIU
Guomin YANG, Singapore Management UniversityFollow
Guoxing CHEN
Haojin ZHU

Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

9-2022

Abstract

Over the past decade, cryptocurrency has been undergoing a rapid development. Digital wallet, as the tool to store and manage the cryptographic keys, is the primary entrance for the public to access cryptocurrency assets. Hierarchical Deterministic Wallet (HDW), proposed in Bitcoin Improvement Proposal 32 (BIP32), has attracted much attention and been widely used in the community, due to its virtues such as easy backup/recovery, convenient cold-address management, and supporting trust-less audits and applications in hierarchical organizations. While HDW allows the wallet owner to generate and manage his keys conveniently, Stealth Address (SA) allows a payer to generate fresh address (i.e., public key) for the receiver without any interaction, so that users can achieve “one coin each address” in a very convenient manner, which is widely regarded as a simple but effective way to protect user privacy. Consequently, SA has also attracted much attention and been widely used in the community. However, as so far, there is not a secure wallet algorithm that provides the virtues of both HDW and SA. Actually, even for standalone HDW, to the best of our knowledge, there is no strict definition of syntax and models that captures the functionality and security (i.e., safety of coins and privacy of users) requirements that practical scenarios in cryptocurrency impose on wallet. As a result, the existing wallet algorithms either have (potential) security flaws or lack crucial functionality features.In this work, after investigating HDW and SA comprehensively and deeply, we formally define the syntax and security models of Hierarchical Deterministic Wallet supporting Stealth Address (HDWSA), capturing the functionality and security (including safety and privacy) requirements imposed by the practice in cryptocurrency, which include all the versatile functionalities that lead to the popularity of HDW and SA as well as all the security guarantees that underlie these functionalities. We propose a concrete HDWSA construction and prove its security in the random oracle model. We implement our scheme and the experimental results show that the efficiency is suitable for typical cryptocurrency settings.

Keywords

Signature scheme, Hierarchical deterministic wallet, Stealth address, Blockchain, Cryptocurrency

Discipline

Databases and Information Systems | Finance and Financial Management | Information Security

Research Areas

Cybersecurity

Publication

Computer Security ESORICS 2022: 27th European Symposium on Research, Copenhagen, Denmark, September 26-30: Proceedings

Volume

13554

First Page

89

Last Page

109

ISBN

9783031171406

Identifier

10.1007/978-3-031-17140-6_5

Publisher

Springer

City or Country

Cham

Citation

YIN, Xin; LIU, Zhen; YANG, Guomin; CHEN, Guoxing; and ZHU, Haojin. Secure hierarchical deterministic wallet supporting stealth address. (2022). Computer Security ESORICS 2022: 27th European Symposium on Research, Copenhagen, Denmark, September 26-30: Proceedings. 13554, 89-109.
Available at: https://ink.library.smu.edu.sg/sis_research/7476

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1007/978-3-031-17140-6_5