IACR News item: 19 February 2024
Chun Guo, Xiao Wang, Xiang Xie, Yu Yu
ePrint Report
Multi-user (mu) security considers large-scale attackers that, given access to a number of cryptosystem in
stances, attempt to compromise at least one of them. We initiate the study of mu security of the so-called
GGMtree that stems from the PRG-to-PRF transformation of Goldreich, Goldwasser, and Micali, with a goal
to provide references for its recently popularized use in applied cryptography. We propose a generalized
model for GGM trees and analyze its mu prefix-constrained PRF security in the random oracle model. Our
model allows to derive concrete bounds and improvements for various protocols, and we showcase on the
Bitcoin-Improvement-Proposal standard Bip32 hierarchical wallets and function secret sharing (FSS) proto
cols. In both scenarios, we propose improvements with better performance and concrete security bounds at
the same time. Compared with the state-of-the-art designs, our SHACAL3- and KeccaK-?-based Bip32 vari
ants reduce the communication cost of MPC-based implementations by 73.3%∼93.8%, while our AES-based
FSS substantially improves mu security while reducing computations by 50%.
Additional news items may be found on the IACR news page.