Bitcoin as a Transaction Ledger: A Composable Treatment

Christian Badertscher; Ueli Maurer; Daniel Tschudi; Vassilis Zikas

doi:10.1007/978-3-319-63688-7_11

Bitcoin as a Transaction Ledger: A Composable Treatment

Christian Badertscher, Ueli Maurer, Daniel Tschudi, Vassilis Zikas

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Bitcoin is one of the most prominent examples of a distributed cryptographic protocol that is extensively used in reality. Nonetheless, existing security proofs are property-based, and as such they do not support composition.

In this work we put forth a universally composable treatment of the Bitcoin protocol. We specify the goal that Bitcoin aims to achieve as a ledger functionality in the (G)UC model of Canetti et al. [TCC’07]. Our ledger functionality is weaker than the one recently proposed by Kiayias, Zhou, and Zikas [EUROCRYPT’16], but unlike the latter suggestion, which is arguably not implementable given the Bitcoin assumptions, we prove that the one proposed here is securely UC realized under standard assumptions by an appropriate abstraction of Bitcoin as a UC protocol. We further show how known property-based approaches can be cast as special instances of our treatment and how their underlying assumptions can be cast in (G)UC without restricting the environment or the adversary.

Original language	English
Title of host publication	Advances in Cryptology – CRYPTO 2017
Editors	J. Katz, H. Shacham
Publisher	Springer
Pages	324-356
Number of pages	33
ISBN (Electronic)	978-3-319-63688-7
ISBN (Print)	978-3-319-63687-0
DOIs	https://doi.org/10.1007/978-3-319-63688-7_11
Publication status	Published - 29 Jul 2017
Event	CRYPTO 2017: 37th Annual International Cryptology Conference - University of California, Santa Barbara, Santa Barbara, United States Duration: 20 Aug 2016 → 24 Aug 2017 https://www.iacr.org/conferences/crypto2017/ https://www.iacr.org/conferences/crypto2017/

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer Verlag
Volume	10401
ISSN (Print)	0302-9743

Conference

Conference	CRYPTO 2017
Abbreviated title	CRYPTO 2017
Country/Territory	United States
City	Santa Barbara
Period	20/08/16 → 24/08/17
Internet address	https://www.iacr.org/conferences/crypto2017/ https://www.iacr.org/conferences/crypto2017/

Access to Document

10.1007/978-3-319-63688-7_11

Vassilis Zikas
- School of Informatics - UoE Honorary staff
Person: Affiliated Independent Researcher

Cite this

@inproceedings{447dbc9e666d4a6e8de67ca5491dde47,

title = "Bitcoin as a Transaction Ledger: A Composable Treatment",

abstract = "Bitcoin is one of the most prominent examples of a distributed cryptographic protocol that is extensively used in reality. Nonetheless, existing security proofs are property-based, and as such they do not support composition.In this work we put forth a universally composable treatment of the Bitcoin protocol. We specify the goal that Bitcoin aims to achieve as a ledger functionality in the (G)UC model of Canetti et al. [TCC{\textquoteright}07]. Our ledger functionality is weaker than the one recently proposed by Kiayias, Zhou, and Zikas [EUROCRYPT{\textquoteright}16], but unlike the latter suggestion, which is arguably not implementable given the Bitcoin assumptions, we prove that the one proposed here is securely UC realized under standard assumptions by an appropriate abstraction of Bitcoin as a UC protocol. We further show how known property-based approaches can be cast as special instances of our treatment and how their underlying assumptions can be cast in (G)UC without restricting the environment or the adversary.",

author = "Christian Badertscher and Ueli Maurer and Daniel Tschudi and Vassilis Zikas",

year = "2017",

month = jul,

day = "29",

doi = "10.1007/978-3-319-63688-7_11",

language = "English",

isbn = "978-3-319-63687-0",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "324--356",

editor = "J. Katz and H. Shacham",

booktitle = "Advances in Cryptology – CRYPTO 2017",

note = "CRYPTO 2017 : 37th Annual International Cryptology Conference, CRYPTO 2017 ; Conference date: 20-08-2016 Through 24-08-2017",

url = "https://www.iacr.org/conferences/crypto2017/, https://www.iacr.org/conferences/crypto2017/",

}

TY - GEN

T1 - Bitcoin as a Transaction Ledger: A Composable Treatment

AU - Badertscher, Christian

AU - Maurer, Ueli

AU - Tschudi, Daniel

AU - Zikas, Vassilis

PY - 2017/7/29

Y1 - 2017/7/29

N2 - Bitcoin is one of the most prominent examples of a distributed cryptographic protocol that is extensively used in reality. Nonetheless, existing security proofs are property-based, and as such they do not support composition.In this work we put forth a universally composable treatment of the Bitcoin protocol. We specify the goal that Bitcoin aims to achieve as a ledger functionality in the (G)UC model of Canetti et al. [TCC’07]. Our ledger functionality is weaker than the one recently proposed by Kiayias, Zhou, and Zikas [EUROCRYPT’16], but unlike the latter suggestion, which is arguably not implementable given the Bitcoin assumptions, we prove that the one proposed here is securely UC realized under standard assumptions by an appropriate abstraction of Bitcoin as a UC protocol. We further show how known property-based approaches can be cast as special instances of our treatment and how their underlying assumptions can be cast in (G)UC without restricting the environment or the adversary.

AB - Bitcoin is one of the most prominent examples of a distributed cryptographic protocol that is extensively used in reality. Nonetheless, existing security proofs are property-based, and as such they do not support composition.In this work we put forth a universally composable treatment of the Bitcoin protocol. We specify the goal that Bitcoin aims to achieve as a ledger functionality in the (G)UC model of Canetti et al. [TCC’07]. Our ledger functionality is weaker than the one recently proposed by Kiayias, Zhou, and Zikas [EUROCRYPT’16], but unlike the latter suggestion, which is arguably not implementable given the Bitcoin assumptions, we prove that the one proposed here is securely UC realized under standard assumptions by an appropriate abstraction of Bitcoin as a UC protocol. We further show how known property-based approaches can be cast as special instances of our treatment and how their underlying assumptions can be cast in (G)UC without restricting the environment or the adversary.

U2 - 10.1007/978-3-319-63688-7_11

DO - 10.1007/978-3-319-63688-7_11

M3 - Conference contribution

SN - 978-3-319-63687-0

T3 - Lecture Notes in Computer Science

SP - 324

EP - 356

BT - Advances in Cryptology – CRYPTO 2017

A2 - Katz, J.

A2 - Shacham, H.

PB - Springer

T2 - CRYPTO 2017

Y2 - 20 August 2016 through 24 August 2017

ER -

Bitcoin as a Transaction Ledger: A Composable Treatment

Abstract

Publication series

Conference

Access to Document

Fingerprint

Profiles

Vassilis Zikas

Cite this