DOI: 10.1145/3607199.3607230
Research article (RAID '23 conference proceedings)

How (Not) to Build Threshold EdDSA

Published: 16 October 2023

Abstract

The Edwards-curve Digital Signature Algorithm (EdDSA) is a highly efficient scheme with a short key size. It is derived from the threshold-friendly Schnorr signatures and is covered by the NIST standardization efforts for threshold cryptographic primitives. Nevertheless, extending its deterministic nonce generation to the threshold setting requires heavyweight cryptographic techniques, even when the hash function is replaced with one optimized for secure multi-party computation. Indeed, an efficient extension to the threshold setting is considered a major challenge by both NIST and academia.
At RAID 2022, a threshold EdDSA scheme was proposed whose nonce generation uses only modular addition instead of a hash. This paper unveils the security flaw in this efficient design. We also propose a generic hybrid approach, with a showcase of extending a state-of-the-art threshold Schnorr signature scheme. It enjoys a similar level of immunity to side-channel or fault-injection attacks as the more heavyweight threshold extension of deterministic nonce generation, but is much more efficient due to its simplicity.


Cited By

  • (2024) An Efficient Multiparty Threshold ECDSA Protocol against Malicious Adversaries for Blockchain-Based LLMs. IET Information Security 2024:1. https://doi.org/10.1049/2024/2252865. Online publication date: 17 Oct 2024.


Published In

RAID '23: Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses
October 2023
769 pages
ISBN:9798400707650
DOI:10.1145/3607199

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. Digital Signature Algorithm
  2. EdDSA
  3. Schnorr Signatures
  4. Threshold EdDSA
  5. Threshold Signatures

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Funding Sources

  • Research Grant Council, Hong Kong

Conference

RAID 2023

Acceptance Rates

Overall Acceptance Rate 43 of 173 submissions, 25%
