Provably Unforgeable Threshold EdDSA with an Offline Participant and Trustless Setup

We present an EdDSA-compatible multi-party digital signature scheme that supports an offline participant during the key-generation phase, without relying on a trusted third party. Under standard assumptions, we prove our scheme secure against adaptive malicious adversaries. Using a classical game-ba...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Mediterranean journal of mathematics Jg. 20; H. 5; S. 253
Hauptverfasser: Battagliola, Michele, Longo, Riccardo, Meneghetti, Alessio, Sala, Massimiliano
Format: Journal Article
Sprache:Englisch
Veröffentlicht: Cham Springer International Publishing 01.10.2023
Springer Nature B.V
Schlagworte:
Algorithms
Collaboration
Digital currencies
Digital signatures
Mathematics
Mathematics and Statistics
Protocol
Resilience
Trusted third parties
94A62 authentication and secret sharing
94A60 cryptography
12E20 finite fields
Primary 94Axx
68Wxx
68w40 analysis of algorithms
14h52 elliptic curves
Secondary 12Exx
14Hxx
ISSN:1660-5446, 1660-5454
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:We present an EdDSA-compatible multi-party digital signature scheme that supports an offline participant during the key-generation phase, without relying on a trusted third party. Under standard assumptions, we prove our scheme secure against adaptive malicious adversaries. Using a classical game-based argument, we prove that if there is an adversary capable of forging the scheme with non-negligible probability, then we can build a forger for the original EdDSA scheme with non-negligible probability. The scheme requires only two communication rounds in the signature generation phase and avoids expensive multi-party evaluation of cryptographic hash functions. We present our solution in a setting where two parties generate the keys and compute signatures, with a third party which can be brought online after the key generation when one of the other parties becomes unavailable. This setting is a perfect fit for custodial solutions where partially trusted services are employed by a user to increase resiliency. We provide also a possible solution to retain the resiliency of the recovery in the presence of a malicious party.
Bibliographie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1660-5446
1660-5454
DOI:10.1007/s00009-023-02452-9