Cryptology ePrint Archive: Report 2015/1169

Strength in Numbers: Threshold ECDSA to Protect Keys in the Cloud

Marc Green and Thomas Eisenbarth

Abstract: Side-channel attacks utilize information leakage in the implementation of an otherwise secure cryptographic algorithm to extract secret information. For example, adversaries can extract the secret key used in a cryptographic algorithm by observing cache-timing data. Threshold cryptography enables the division of private keys into shares, distributed among several nodes; the knowledge of a subset of shares does not leak information about the private key, thereby defending against memory disclosure and side-channel attacks. This work shows that applying threshold cryptography to ECDSA—the elliptic curve variant of DSA—yields a fully distributive signature protocol that does not feature a single point of failure. Our security analysis shows that Threshold ECDSA protects against a wide range of side-channel attacks, including cache attacks, and counteracts memory disclosure attacks. We further provide the first performance analysis of Threshold ECDSA, and provide a proof of concept of the protocol in practice.

Category / Keywords: Threshold Cryptography, Elliptic Curve Cryptography, ECDSA, SSL/TLS, Side-channel Attacks, Cloud Computing

Date: received 4 Dec 2015, last revised 4 Dec 2015

Contact author: marcgreen at wpi edu

Available format(s): PDF | BibTeX Citation

Version: 20151205:042955 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]