Provably Unforgeable Threshold EdDSA with an Offline Participant and Trustless Setup

We present an EdDSA-compatible multi-party digital signature scheme that supports an offline participant during the key-generation phase, without relying on a trusted third party. Under standard assumptions, we prove our scheme secure against adaptive malicious adversaries. Using a classical game-ba...

Full description

Saved in:
Bibliographic Details
Published in:Mediterranean journal of mathematics Vol. 20; no. 5; p. 253
Main Authors: Battagliola, Michele, Longo, Riccardo, Meneghetti, Alessio, Sala, Massimiliano
Format: Journal Article
Language:English
Published: Cham Springer International Publishing 01.10.2023
Springer Nature B.V
Subjects:
Algorithms
Collaboration
Digital currencies
Digital signatures
Mathematics
Mathematics and Statistics
Protocol
Resilience
Trusted third parties
94A62 authentication and secret sharing
94A60 cryptography
12E20 finite fields
Primary 94Axx
68Wxx
68w40 analysis of algorithms
14h52 elliptic curves
Secondary 12Exx
14Hxx
ISSN:1660-5446, 1660-5454
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:We present an EdDSA-compatible multi-party digital signature scheme that supports an offline participant during the key-generation phase, without relying on a trusted third party. Under standard assumptions, we prove our scheme secure against adaptive malicious adversaries. Using a classical game-based argument, we prove that if there is an adversary capable of forging the scheme with non-negligible probability, then we can build a forger for the original EdDSA scheme with non-negligible probability. The scheme requires only two communication rounds in the signature generation phase and avoids expensive multi-party evaluation of cryptographic hash functions. We present our solution in a setting where two parties generate the keys and compute signatures, with a third party which can be brought online after the key generation when one of the other parties becomes unavailable. This setting is a perfect fit for custodial solutions where partially trusted services are employed by a user to increase resiliency. We provide also a possible solution to retain the resiliency of the recovery in the presence of a malicious party.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1660-5446
1660-5454
DOI:10.1007/s00009-023-02452-9