Hashcash, which is a Proof of Work (PoW) of bitcoin, is based on a preimage problem of hash functions of SHA-2 and RIPEMD. As these hash functions employ the Merkle-Damgard (MD) construction, a preimage can be found with negligible memory. Since such calculations can be accelerated by dedicated ASICs, it has a potential risk of a so-called 51% attack. To address this issue, we propose a new PoW scheme based on the key recovery problem of cascade block ciphers. By choosing the appropriate parameters, e.g., block sizes and key sizes of underlying block ciphers, we can make this problem a memory-hard problem such that it requires a lot of memory to efficiently solve it. Besides, we can independently adjust the required time complexity and memory complexity, according to requirements by target applications and progress of computational power.
Takaki ASANUMA
University of Hyogo
Takanori ISOBE
University of Hyogo
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Takaki ASANUMA, Takanori ISOBE, "A Proof of Work Based on Key Recovery Problem of Cascade Block Ciphers with ASIC Resistance" in IEICE TRANSACTIONS on Information,
vol. E105-D, no. 2, pp. 248-255, February 2022, doi: 10.1587/transinf.2021BCP0005.
Abstract: Hashcash, which is a Proof of Work (PoW) of bitcoin, is based on a preimage problem of hash functions of SHA-2 and RIPEMD. As these hash functions employ the Merkle-Damgard (MD) construction, a preimage can be found with negligible memory. Since such calculations can be accelerated by dedicated ASICs, it has a potential risk of a so-called 51% attack. To address this issue, we propose a new PoW scheme based on the key recovery problem of cascade block ciphers. By choosing the appropriate parameters, e.g., block sizes and key sizes of underlying block ciphers, we can make this problem a memory-hard problem such that it requires a lot of memory to efficiently solve it. Besides, we can independently adjust the required time complexity and memory complexity, according to requirements by target applications and progress of computational power.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2021BCP0005/_p
Copy
@ARTICLE{e105-d_2_248,
author={Takaki ASANUMA, Takanori ISOBE, },
journal={IEICE TRANSACTIONS on Information},
title={A Proof of Work Based on Key Recovery Problem of Cascade Block Ciphers with ASIC Resistance},
year={2022},
volume={E105-D},
number={2},
pages={248-255},
abstract={Hashcash, which is a Proof of Work (PoW) of bitcoin, is based on a preimage problem of hash functions of SHA-2 and RIPEMD. As these hash functions employ the Merkle-Damgard (MD) construction, a preimage can be found with negligible memory. Since such calculations can be accelerated by dedicated ASICs, it has a potential risk of a so-called 51% attack. To address this issue, we propose a new PoW scheme based on the key recovery problem of cascade block ciphers. By choosing the appropriate parameters, e.g., block sizes and key sizes of underlying block ciphers, we can make this problem a memory-hard problem such that it requires a lot of memory to efficiently solve it. Besides, we can independently adjust the required time complexity and memory complexity, according to requirements by target applications and progress of computational power.},
keywords={},
doi={10.1587/transinf.2021BCP0005},
ISSN={1745-1361},
month={February},}
Copy
TY - JOUR
TI - A Proof of Work Based on Key Recovery Problem of Cascade Block Ciphers with ASIC Resistance
T2 - IEICE TRANSACTIONS on Information
SP - 248
EP - 255
AU - Takaki ASANUMA
AU - Takanori ISOBE
PY - 2022
DO - 10.1587/transinf.2021BCP0005
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E105-D
IS - 2
JA - IEICE TRANSACTIONS on Information
Y1 - February 2022
AB - Hashcash, which is a Proof of Work (PoW) of bitcoin, is based on a preimage problem of hash functions of SHA-2 and RIPEMD. As these hash functions employ the Merkle-Damgard (MD) construction, a preimage can be found with negligible memory. Since such calculations can be accelerated by dedicated ASICs, it has a potential risk of a so-called 51% attack. To address this issue, we propose a new PoW scheme based on the key recovery problem of cascade block ciphers. By choosing the appropriate parameters, e.g., block sizes and key sizes of underlying block ciphers, we can make this problem a memory-hard problem such that it requires a lot of memory to efficiently solve it. Besides, we can independently adjust the required time complexity and memory complexity, according to requirements by target applications and progress of computational power.
ER -