Cryptology ePrint Archive: Report 2019/503

Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations

Guilhem Castagnos and Dario Catalano and Fabien Laguillaumie and Federico Savasta and Ida Tucker

Abstract: ECDSA is a widely adopted digital signature standard. Unfortunately, efficient distributed variants of this primitive are notoriously hard to achieve and known solutions often require expensive zero knowledge proofs to deal with malicious adversaries. For the two party case, Lindell [Lin17] recently managed to get an efficient solution which, to achieve simulation-based security, relies on an interactive, non standard, assumption on Paillier's cryptosystem.

In this paper we generalize Lindell's solution using hash proof systems. The main advantage of our generic method is that it results in a simulation-based security proof without resorting to non-standard interactive assumptions.

Moving to concrete constructions, we show how to instantiate our framework using class groups of imaginary quadratic fields. Our implementations show that the practical impact of dropping such interactive assumptions is minimal. Indeed, while for 128-bit security our scheme is marginally slower than Lindell's, for 256-bit security it turns out to be better both in key generation and signing time. Moreover, in terms of communication cost, our implementation significantly reduces both the number of rounds and the transmitted bits without exception.

Category / Keywords: cryptographic protocols / threshold cryptography, two-party, ECDSA, hash proof systems, CL framework

Original Publication (with minor differences): Advances in Cryptology - Proceedings of Crypto 2019

Date: received 15 May 2019

Contact author: guilhem castagnos at math u-bordeaux1 fr,federico savasta@unict it,fabien laguillaumie@ens-lyon fr,catalano@dmi unict it,ida tucker@ens-lyon fr

Available format(s): PDF | BibTeX Citation

Version: 20190520:124646 (All versions of this report)

Short URL: ia.cr/2019/503