<p>Non-Fungible Token (NFT) creators use digital signatures to ensure the ownership, authenticity, integrity, and nonrepudiation of their digital works. However, if the private key is compromised, an attacker can generate unauthorized NFTs by using the creator’s private key to issue valid signatures. These valid but unauthorized signatures will be accepted in the NFT market and cannot be revoked. Even if the NFT creators update their private-public key pairs, they cannot deny the NFTs generated by the attacker. To mitigate these risks, we propose revocable signature by introducing commitment mechanism and an Auxiliary Embedded Key (<i>AEK</i>) into the signature, while the regular verification process does not involve this <i>AEK</i>. If a valid but unauthorized signature is detected and needs to be revoked, <i>AEK</i> will be disclosed to perform the revocation operation. To illustrate the application of revocable signatures in NFT, we design and implement a revocable Elliptic Curve Digital Signature Algorithm (ECDSA) scheme with provable security. Experimental evaluations on the FIPS-recommended elliptic curves show that the performance of revocable ECDSA is comparable to the basic ECDSA, with additional 0.0303&#xa0;s (P-256 curve) and 0.15 USD gas fee in Remix VM for revoking a signature.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Revocable signature: handling valid but unauthorized Non-Fungible Token through Auxiliary Embedded Key

  • Yuxin Xia,
  • Ziyang Ji,
  • Jie Zhang,
  • Wanxin Li,
  • Ka Lok Man,
  • Steven Guan,
  • Dominik Wojtczak

摘要

Non-Fungible Token (NFT) creators use digital signatures to ensure the ownership, authenticity, integrity, and nonrepudiation of their digital works. However, if the private key is compromised, an attacker can generate unauthorized NFTs by using the creator’s private key to issue valid signatures. These valid but unauthorized signatures will be accepted in the NFT market and cannot be revoked. Even if the NFT creators update their private-public key pairs, they cannot deny the NFTs generated by the attacker. To mitigate these risks, we propose revocable signature by introducing commitment mechanism and an Auxiliary Embedded Key (AEK) into the signature, while the regular verification process does not involve this AEK. If a valid but unauthorized signature is detected and needs to be revoked, AEK will be disclosed to perform the revocation operation. To illustrate the application of revocable signatures in NFT, we design and implement a revocable Elliptic Curve Digital Signature Algorithm (ECDSA) scheme with provable security. Experimental evaluations on the FIPS-recommended elliptic curves show that the performance of revocable ECDSA is comparable to the basic ECDSA, with additional 0.0303 s (P-256 curve) and 0.15 USD gas fee in Remix VM for revoking a signature.