A Proof of Work based on Preimage Problem of Variants of SHA-3 with ASIC Resistance

抄録

Hashcash, which is a Proof of Work (PoW) of bitcoin, is based on a preimage problem of hash functions of SHA-2 and RIPEMD. Since these hash functions employ the Merkle-Damgard (MD) construction, a preimage can be found with a negligible amount of memory. It is well known that such calculations can be speeded up by ASIC, and this causes a serious problem from the so-called 51% attack by dedicated ASIC mining pools. To address this issue, we propose a new PoW scheme based on a preimage problem of variants of SHA-3. Unlike SHA-2 and RIPEMD, SHA-3 adopts a sponge construction as an underlying domain extension algorithm. This difference allows us to make the problem of finding a preimage very memory-consuming calculations by properly choosing parameters of sponge functions. As a result, our scheme can achieve ASIC resistance by using SHA-3 for Hashcash.