Bandwidth-efficient threshold EC-DSA revisited: Online/offline extensions, identifiable aborts, proactive and adaptive security

Authors: Castagnos, G., Catalano, D., Laguillaumie, F., Savasta, F., Tucker, I.
Contributors: Lithe and fast algorithmic number theory (LFANT), Institut de Mathématiques de Bordeaux (IMB), Université Bordeaux Segalen - Bordeaux 2-Université Sciences et Technologies - Bordeaux 1 (UB)-Université de Bordeaux (UB)-Institut Polytechnique de Bordeaux (Bordeaux INP)-Centre National de la Recherche Scientifique (CNRS)-Université Bordeaux Segalen - Bordeaux 2-Université Sciences et Technologies - Bordeaux 1 (UB)-Université de Bordeaux (UB)-Institut Polytechnique de Bordeaux (Bordeaux INP)-Centre National de la Recherche Scientifique (CNRS)-Inria Bordeaux - Sud-Ouest, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Università degli studi di Catania = University of Catania (Unict), Exact Computing (ECO), Laboratoire d'Informatique de Robotique et de Microélectronique de Montpellier (LIRMM), Centre National de la Recherche Scientifique (CNRS)-Université de Montpellier (UM)-Centre National de la Recherche Scientifique (CNRS)-Université de Montpellier (UM), Institute IMDEA Software [Madrid], The work of the first and third authors was supported by the French ANR SANGRIA project (ANR-21-CE39-0006). The work of the second author was in part supported by the Programma ricerca di ateneo UNICT 2020-22 linea 2. The work of the third author was supported by the French PEPR Cybersecurité SecureCompute project (ANR-22-PECY-0003). The work of the fifth author was supported by ERC (ERC-2020-COG)., ANR-21-CE39-0006,SANGRIA,Calcul réparti sécurisé : Cryptographie, Combinatoire, Calcul Formel(2021), ANR-22-PECY-0003,SecureCompute,Secure computations(2022), European Project: 101001283,H2020-EU.1.1. - EXCELLENT SCIENCE - European Research Council (ERC),ERC-2020-COG,PICOCRYPT(2021)
Year of publication: 2023
Subject:
Source: Theoretical Computer Science
Theoretical Computer Science, 2023, 939, pp.78-104. ⟨10.1016/j.tcs.2022.10.016⟩
ISSN: 0304-3975
1879-2294
Description: International audience; Due to their use in cryptocurrencies, threshold ECDSA signatures have received much attention in recent years. Though efficient solutions now exist both for the two-party and the full threshold scenario, there is still much room for improvement, be it in terms of protocol functionality, strengthening security, or further optimising efficiency. In the past few months, a range of protocols have been published, allowing for a non-interactive (and hence extremely efficient) signing protocol and providing new features such as identifiable aborts (parties can be held accountable if they cause the protocol to fail), fairness in the honest-majority setting (all parties receive output or nobody does), and other properties. In some cases, security is proven in the strong simulation-based model. We combine ideas from the aforementioned articles with the suggestion of Castagnos et al. (PKC 2020) to use the class-group-based CL framework so as to drastically reduce bandwidth consumption. Building upon this latter protocol, we present a new, maliciously secure, full threshold ECDSA protocol that achieves additional features without sacrificing efficiency. Our most basic protocol boasts a non-interactive signature algorithm and identifiable aborts. We also propose a more advanced variant that achieves adaptive security (for the n-out-of-n case) and proactive security. Our resulting constructions improve upon state-of-the-art Paillier-based realizations achieving similar goals by up to a factor of 10 in bandwidth consumption.
Database: OpenAIRE