# Adaptable Cryptographic Primitives in Blockchains via Smart Contracts


## Abstract


## 1. Introduction

#### 1.1. Background

- Lattice-based: lattices are discrete additive groups on which it is possible to define problems based on the length of the vectors contained in a lattice. These problems have been proved to be post-quantum resistant [12]. Notable examples of this category are CRYSTALS-Dilithium [13] and Falcon [14].

#### 1.2. State of the Art

#### 1.3. Our Approach

#### 1.4. Roadmap

## 2. Cryptographic Kernel

- an implementation reference;
- a list of sets of parameters, achieving different levels of security;
- a list of tests for evaluating the robustness of any set of parameters.

- all users have read access to the content;
- all users may submit a new set of parameters for an already available algorithm;
- (a pool of) all users may modify the smart contract.

#### 2.1. Structure of the CK Smart Contract

- Basic: suitable for less powerful devices and interaction with legacy applications;
- Intermediate: a middle tier that strengthens the security while balancing efficiency;
- Enhanced: a higher security level, fit for more sensitive and long-term information.

#### 2.2. Signing and Verifying

#### 2.3. Adding New Parameters Sets

1. The proposed parameters do not pass the tests needed to guarantee at least a minimum level of security. The CK smart contract returns an error and the user is strongly discouraged from employing those parameters for the creation of digital signatures. Indeed, in this case, other users do not recognize that parameter set as a valid one, because it is not among the choices offered by the CK smart contract; therefore the signature is not considered secure and is rejected by the community.
2. The parameters pass the mandatory tests provided in the validation suite and are therefore added to the list of permitted parameters for one of the security levels, together with a timestamp. From this moment on, any user may use this new set of parameters.

#### 2.4. Update of the Validation Suite

#### 2.5. Adding and Deprecating Algorithms

## 3. Application to Quadrans Blockchain

**Example 1.**

- Key Generation. Create a key-pair performing the following steps:
  - The private key is an integer $d$ selected uniformly at random in the interval $[1,q-1]$.
  - The public key is the elliptic curve point $\mathcal{Q}=d\mathcal{B}$.

- Signing. Given a key-pair $(d,\mathcal{Q})$ and a message digest $M$, compute the signature performing the following steps:
  - Pick an integer $k$ uniformly at random in the interval $[1,q-1]$.
  - Compute the point $\mathcal{R}=(\mathcal{R}_x,\mathcal{R}_y)=k^{-1}\mathcal{B}$.
  - Interpret the message digest $M$ as an integer $e$.
  - Compute $s=k(e+rd)$, where $r=\mathcal{R}_x$.
  - The signature is the pair $(r,s)$.

- Verification. To verify a signature $(r,s)$ on a message digest $M$ perform the following steps:
  - Check that $r,s\in[1,q-1]$.
  - Interpret the message digest $M$ as an integer $e$.
  - Compute $u_1=e s^{-1} \bmod q$ and $u_2=r s^{-1} \bmod q$.
  - Compute the point $\mathcal{U}=(\mathcal{U}_x,\mathcal{U}_y)=u_1\mathcal{B}+u_2\mathcal{Q}$.
  - Check that $r\equiv \mathcal{U}_x \pmod q$.

`000001` of the six most significant bits of the discerning byte currently symbolises ECDSA.

1. $p$ must be prime;
2. $q$ must be a prime different from $p$;
3. $a,b,p$ must define an elliptic curve, i.e., a non-singular cubic;
4. the point $\mathcal{B}=(\mathcal{B}_x,\mathcal{B}_y)$ must belong to the elliptic curve and be different from the neutral element $\mathcal{O}$ of the group;
5. $q$ must be the order of $\mathcal{B}$ (it is sufficient to check that $q\cdot\mathcal{B}=\mathcal{O}$);
6. security against Pollard's rho algorithm: $\log_2\left(\sqrt{\frac{\pi}{4}q}\right)=:\rho>78$;
7. security against transfers: the order of $p$ in $\mathbb{F}_q^*$, called embedding degree, must be greater than $\frac{q-1}{78}$, where $\mathbb{F}_q^*$ denotes the multiplicative group of non-zero elements of $\mathbb{F}_q$;
8. optional test: the complex-multiplication field discriminant should be larger than $2^{78}$.

`05`) identifies the scheme and therefore how to process the rest. Its binary representation is:

## 4. Future Directions

## 5. Conclusions

## Author Contributions

## Funding

## Acknowledgments

## Conflicts of Interest

## References

- Jakobsson, M.; Juels, A. Proofs of work and bread pudding protocols. In Secure Information Networks; Springer: Boston, MA, USA, 1999; pp. 258–272.
- King, S.; Nadal, S. Ppcoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake. Self-Published Paper. 2012, Volume 19. Available online: https://bitcoin.peryaudo.org/vendor/peercoin-paper.pdf (accessed on 20 June 2022).
- Rivest, R.L.; Shamir, A.; Adleman, L.M. A Method for Obtaining Digital Signatures and Public Key Cryptosystems; Routledge: London, UK, 2019.
- Gilles, B.; Hoyer, P.; Tapp, A. Quantum algorithm for the collision problem. arXiv 1997, arXiv:quant-ph/9705002.
- McCurley, K.S. The discrete logarithm problem. In Proceedings of the Symposia in Applied Mathematics, Boulder, CO, USA, 6–7 August 1989; Volume 42, pp. 49–74.
- Rabah, K. Security of the Cryptographic Protocols Based on Discrete Logarithm Problem. J. Appl. Sci. 2005, 5, 1692–1712.
- Galbraith, S.D.; Gaudry, P. Recent progress on the elliptic curve discrete logarithm problem. Des. Codes Cryptogr. 2016, 78, 51–72.
- Kerry, C.F.; Director, C. FIPS PUB 186-4 Federal Information Processing Standards Publication Digital Signature Standard (DSS). 2013. Available online: http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.362.5590 (accessed on 20 June 2022).
- Josefsson, S.; Liusvaara, I. Edwards-Curve Digital Signature Algorithm (EdDSA). RFC 8032; Internet Research Task Force, Crypto Forum Research Group, 2017. Available online: https://www.rfc-editor.org/rfc/rfc8032.html (accessed on 20 June 2022).
- Shor, P.W. Algorithms for quantum computation: Discrete logarithms and factoring. In Proceedings of the 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA, 20–22 November 1994; pp. 124–134.
- National Institute of Standards and Technology. Post-Quantum Cryptography Standardization—Post-Quantum Cryptography. Available online: https://csrc.nist.gov/Projects/post-quantum-cryptography (accessed on 28 June 2022).
- Micciancio, D.; Regev, O. Lattice-based cryptography. In Post-Quantum Cryptography; Springer: Berlin/Heidelberg, Germany, 2009; pp. 147–191.
- Ducas, L.; Kiltz, E.; Lepoint, T.; Lyubashevsky, V.; Schwabe, P.; Seiler, G.; Stehlé, D. CRYSTALS-Dilithium: A Lattice-Based Digital Signature Scheme. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018, 2018, 238–268.
- Fouque, P.A.; Hoffstein, J.; Kirchner, P.; Lyubashevsky, V.; Pornin, T.; Prest, T.; Ricosset, T.; Seiler, G.; Whyte, W.; Zhang, Z. FALCON: Fast-Fourier Lattice-Based Compact Signatures over NTRU. Submission to the NIST's Post-Quantum Cryptography Standardization Process 2020. Available online: https://www.di.ens.fr/~prest/Publications/falcon.pdf (accessed on 20 June 2022).
- Bulygin, S.; Petzoldt, A.; Buchmann, J. Towards provable security of the unbalanced oil and vinegar signature scheme under direct attacks. In Proceedings of the International Conference on Cryptology in India, Hyderabad, India, 12–15 December 2010; Springer: Berlin/Heidelberg, Germany, 2010; pp. 17–32.
- Ding, J.; Chen, M.S.; Petzoldt, A.; Schmidt, D.; Yang, B.Y.; Kannwischer, M.; Patarin, J. Rainbow—Algorithm Specification and Documentation. Submission to the NIST's Post-Quantum Cryptography Standardization Process 2015. Available online: https://troll.iis.sinica.edu.tw/by-publ/recent/Rainbow3round.pdf (accessed on 20 June 2022).
- Casanova, A.; Faugere, J.C.; Macario-Rat, G.; Patarin, J.; Perret, L.; Ryckeghem, J. GeMSS: A Great Multivariate Short Signature. Submission to the NIST's Post-Quantum Cryptography Standardization Process 2017. Available online: https://hal.inria.fr/hal-01662158/file/doc.pdf (accessed on 20 June 2022).
- Pereira, G.C.; Puodzius, C.; Barreto, P.S. Shorter hash-based signatures. J. Syst. Softw. 2016, 116, 95–100.
- Bernstein, D.J.; Hülsing, A.; Kölbl, S.; Niederhagen, R.; Rijneveld, J.; Schwabe, P. The SPHINCS+ signature framework. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, London, UK, 11–15 November 2019; pp. 2129–2146.
- Di Chiano, N.; Longo, R.; Meneghetti, A.; Santilli, G. A survey on NIST PQ signatures. arXiv 2021, arXiv:2107.11082.
- Sato, M.; Matsuo, S. Long-term public blockchain: Resilience against compromise of underlying cryptography. In Proceedings of the 2017 26th International Conference on Computer Communication and Networks (ICCCN), Vancouver, BC, Canada, 31 July–3 August 2017; pp. 1–8.
- Chen, F.; Liu, Z.; Long, Y.; Liu, Z.; Ding, N. Secure scheme against compromised hash in proof-of-work blockchain. In Proceedings of the International Conference on Network and System Security, Hong Kong, China, 27–29 August 2018; Springer: Cham, Switzerland, 2018; pp. 1–15.
- Stewart, I.; Ilie, D.; Zamyatin, A.; Werner, S.; Torshizi, M.; Knottenbelt, W.J. Committing to quantum resistance: A slow defence for Bitcoin against a fast quantum computing attack. R. Soc. Open Sci. 2018, 5, 180410.
- Li, C.Y.; Chen, X.B.; Chen, Y.L.; Hou, Y.Y.; Li, J. A new lattice-based signature scheme in post-quantum blockchain network. IEEE Access 2018, 7, 2026–2033.
- Yin, W.; Wen, Q.; Li, W.; Zhang, H.; Jin, Z. An anti-quantum transaction authentication approach in blockchain. IEEE Access 2018, 6, 5393–5401.
- Chen, J.; Gan, W.; Hu, M.; Chen, C.M. On the construction of a post-quantum blockchain for smart city. J. Inf. Secur. Appl. 2021, 58, 102780.
- Faridi, A.R.; Masood, F.; Shamsan, A.H.T.; Luqman, M.; Salmony, M.Y. Blockchain in the Quantum World. arXiv 2022, arXiv:2202.00224.
- Fernandez-Carames, T.M.; Fraga-Lamas, P. Towards post-quantum blockchain: A review on blockchain cryptography resistant to quantum computing attacks. IEEE Access 2020, 8, 21091–21116.
- Buterin, V. Ethereum: A Next Generation Smart Contract and Decentralized Application Platform. 2013. Available online: https://github.com/ethereum/wiki/wiki/White-Paper (accessed on 20 June 2022).
- Beullens, W. Breaking Rainbow Takes a Weekend on a Laptop. Cryptol. ePrint Arch. 2022, eprint.iacr.org/2022/214.
- Costa, D.; Fiori, F.; Sala, M.; Vitale, A.; Vitale, M. Introducing Quadrans. 2019. Available online: https://quadrans.io/content/files/quadrans-light-paper-en.pdf (accessed on 28 June 2022).
- Costa, D.; Fiori, F.; Milan, P.; Sala, M.; Vitale, A.; Vitale, M. Quadrans Whitepaper. 2019. Available online: https://quadrans.io/content/files/quadrans-white-paper-rev01.pdf (accessed on 28 June 2022).
- Battagliola, M.; Flamini, A.; Longo, R.; Meneghetti, A.; Sala, M. Quadrans Yellow Paper. 2021. Available online: https://quadrans.foundation/content/files/quadrans-yellow-paper-rev1.pdf (accessed on 28 June 2022).
- Coglio, A. Ethereum's Recursive Length Prefix in ACL2. arXiv 2019, arXiv:2009.13769.
- Bernstein, D.J.; Lange, T. SafeCurves: Choosing Safe Curves for Elliptic-Curve Cryptography; University of Illinois at Chicago: Chicago, IL, USA, 2014.
- Brown, D.R. Standards for efficient cryptography SEC 2: Recommended elliptic curve domain parameters. In Certicom Research; Certicom Corp: Mississauga, ON, Canada, 2010.
- Lochter, M.; Merkle, J. Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation. Technical Report, RFC 5639, March 2010. Available online: https://www.rfc-editor.org/rfc/rfc5639.html (accessed on 20 June 2022).
- Cho, I.K.; Kreps, D.M. Signaling games and stable equilibria. Q. J. Econ. 1987, 102, 179–221.
- Sobel, J. Signaling games. Encycl. Complex. Syst. Sci. 2009, 19, 8125–8139.

**Figure 1.** The information contained in the CK smart contract: a list of algorithms, parameter sets with their relative security level and timestamps, and the validation suite for each algorithm. Each algorithm has a flag to denote whether it has been deprecated.

**Figure 2.** Workflow of the signing process: a user consults the CK smart contract to decide the algorithm, the level of security and the parameter set.

**Figure 3.** Workflow of the verification process: on the left a user signs a message and sends it to the others. On the right these other users query the CK smart contract and verify the signature.

**Figure 4.** Active communication between a user and a given smart contract. The user tries to add a new set of parameters, and the smart contract answers positively or negatively depending on the outcome of the security tests.

**Figure 5.** The CK smart contract lists all the available algorithms. The committee has decided to deprecate ECDSA by omitting it in the new version of the CK smart contract.

Parameter Sets | Tests |
---|---|
Set 1: • Intermediate: $T_k$; • Basic: $T_k+t_1$; • Deprecated: $T_k+t_1+t_2$ | Test 1: • Added: $T_k$ |
Set 2 | Test 2: • Added: $T_k$ |
⋯ | Test 3: • Added: $T_k+t_1$; • Modified: $T_k+t_1+t_2$ |
Set n | |


© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Longo, R.; Mascia, C.; Meneghetti, A.; Santilli, G.; Tognolini, G.
Adaptable Cryptographic Primitives in Blockchains via Smart Contracts. *Cryptography* **2022**, *6*, 32.
https://doi.org/10.3390/cryptography6030032
