The Latency Price of Threshold Cryptosystem in Blockchains (2407.12172v1)

Abstract: Threshold cryptography is essential for many blockchain protocols. For example, many protocols rely on threshold common coin to implement asynchronous consensus, leader elections, and provide support for randomized applications. Similarly, threshold signature schemes are frequently used for protocol efficiency and state certification, and threshold decryption and threshold time-lock puzzles are often necessary for privacy. In this paper, we study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols with a focus on latency. More specifically, we focus on blockchain-native threshold cryptosystem, where the blockchain validators seek to run a threshold cryptographic protocol once for every block with the block contents as an input to the threshold cryptographic protocol. All existing approaches for blockchain-native threshold cryptosystems introduce a latency overhead of at least one message delay for running the threshold cryptographic protocol. In this paper, we first propose a mechanism to eliminate this overhead for blockchain-native threshold cryptosystems with tight thresholds, i.e., in threshold cryptographic protocols where the secrecy and reconstruction thresholds are the same. However, many real-world proof-of-stake-based blockchain-native threshold cryptosystems rely on ramp thresholds, where reconstruction thresholds are strictly greater than secrecy thresholds. For these blockchains, we formally demonstrate that the additional delay is unavoidable. We then introduce a mechanism to minimize this delay in the optimistic case. We implement our optimistic protocol for the proof-of-stake distributed randomness scheme on the Aptos blockchain. Our measurements from the Aptos mainnet show that the optimistic approach reduces latency overhead by 71%.

• The paper proposes a novel protocol that eliminates extra latency in tight thresholds by synchronizing cryptographic output with block finalization.
• The paper establishes a lower bound for ramp thresholds, demonstrating that inherent delays arise from the gap between secrecy and reconstruction requirements.
• The paper introduces an optimistic protocol that cuts latency by 71% on the Aptos blockchain under favorable conditions, showcasing significant practical benefits.

The Latency Price of Threshold Cryptosystem in Blockchains

The paper "The Latency Price of Threshold Cryptosystem in Blockchains" by Xiang et al. provides an in-depth analysis of the interplay between threshold cryptography and Byzantine-fault tolerant (BFT) consensus protocols in blockchains. The focus of their research is the latency overhead introduced by blockchain-native threshold cryptosystems and their potential minimization.

Overview of Blockchain-Native Threshold Cryptosystems

Threshold cryptography is essential in modern blockchain protocols. These cryptosystems are particularly vital for applications requiring asynchronous consensus, leader elections, and privacy-preserving operations such as threshold signatures and decryption. A blockchain-native threshold cryptosystem integrates these cryptographic primitives directly with the blockchain's consensus protocol, requiring the validators to run a threshold cryptographic protocol once every block.

Key Contributions

The paper makes the following significant contributions:

1. Latency Elimination in Tight Thresholds:
   • The authors propose a novel protocol that eliminates the additional message delay in blockchain-native threshold cryptosystems with tight thresholds (i.e., where the secrecy and reconstruction thresholds are equal). Their protocol ensures that the cryptographic output is available simultaneously with the block finalization, guaranteeing zero latency overhead in error-free executions.
2. Lower Bound for Ramp Thresholds:
   • For ramp thresholds (where the reconstruction threshold is strictly greater than the secrecy threshold), the paper establishes that the additional latency is unavoidable. This result shows that any protocol must incur additional delay in providing the cryptographic output due to the inherent gap between the secrecy and reconstruction thresholds.
3. Optimistic Protocol for Ramp Thresholds:
   • An optimistic protocol is introduced to minimize overhead under favorable conditions. This protocol reveals that even for ramp thresholds, it is possible to achieve significant latency reduction in optimistic scenarios. Their implementation on the Aptos blockchain demonstrates a 71% reduction in latency, showcasing practical effectiveness.

Practical Implications and Future Directions

The implications of this research are multifold. On a practical level, the proposed protocol for tight thresholds can be directly applied to many existing blockchain systems, enhancing their efficiency by eliminating additional latency. For ramp thresholds, the optimistic protocol's practical deployment reveals potential latency improvements, suggesting that future-proofing blockchain-native threshold cryptosystems requires the consideration of both protocol and network conditions.

Moreover, the lower bound result for ramp thresholds provokes further exploration into the trade-offs between security and performance in threshold cryptographic protocols. Potential future developments could involve adaptive protocols that dynamically adjust based on network conditions and adversarial behavior, thereby balancing latency and security.

Case Study: Distributed Randomness on Aptos Blockchain

The authors implement and evaluate their proposed optimistic protocol on the Aptos blockchain, focusing on distributed randomness, a key application of blockchain-native threshold cryptosystems. Their evaluation provides quantitative evidence of the protocol's efficiency, reducing the latency from 85.5 ms to 24.7 ms. This significant improvement highlights the practical benefits of their theoretical contributions.

Conclusion

"The Latency Price of Threshold Cryptosystem in Blockchains" presents well-substantiated techniques for improving the efficiency of blockchain-native threshold cryptosystems by addressing the latency overhead in both tight and ramp thresholds. The insights provided by the lower bound analysis for ramp thresholds and the practical application of the optimistic protocol offer valuable contributions to the field of blockchain research and implementation. Future work may build on these foundations, exploring adaptive and more sophisticated cryptographic protocols to further mitigate latency without compromising on security.