EthereumX: Improving Signature Security With Randomness Preprocessing Module

Ethereum leverages ECDSA as the digital signature scheme to validate transactions. From the provable security standpoint, ECDSA built on an 80-bit security Elliptic Curve group can achieve at most 50-bit concrete security, rather than 80-bit security, due to its reduction loss for $2^{30}$230 signature queries in security analysis. The state-of-the-art ECDSA scheme comes with no de facto formal security guarantee. Although there have been many signatures with higher concrete security, their structures are quite different from ECDSA and a total replacement of the signature field in Ethereum will incur high deployment cost. In this work, we present EthereumX without compromising the signature structure in Ethereum while achieves better security. The security gain is built on top of a new technique named randomness preprocessing module (RPM), which can securely pre-generate and verify randomness with the help of Ethereum. Calling RPM allows to pre-select randomness, which will be used for the subsequent signature, and to verify the randomness, assuring that it is previously generated. We give an instantiation with formal security guarantee and prove that it can be improved to 80-bit concrete security under the same discrete logarithm assumption as ECDSA. From this instantiated scheme, we implement EthereumX via a deployment into a locally simulated network. Experiment results show that EthereumX costs 5 seconds for a block generation which is equal to Ethereum, and generates/verifies at least $17017/10623$17017/10623 transactions per second that is practical enough in application, even if they are slightly slower than Ethereum which generates/verifies at least $17908/11257$17908/11257 transactions per second. We also mention that RMP can be applied to other DL-based signatures for the security improvement.