Paper 2019/503

Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations

Guilhem Castagnos, Dario Catalano, Fabien Laguillaumie, Federico Savasta, and Ida Tucker


ECDSA is a widely adopted digital signature standard. Unfortunately, efficient distributed variants of this primitive are notoriously hard to achieve and known solutions often require expensive zero knowledge proofs to deal with malicious adversaries. For the two party case, Lindell [Lin17] recently managed to get an efficient solution which, to achieve simulation-based security, relies on an interactive, non standard, assumption on Paillier's cryptosystem. In this paper we generalize Lindell's solution using hash proof systems. The main advantage of our generic method is that it results in a simulation-based security proof without resorting to non-standard interactive assumptions. Moving to concrete constructions, we show how to instantiate our framework using class groups of imaginary quadratic fields. Our implementations show that the practical impact of dropping such interactive assumptions is minimal. Indeed, while for 128-bit security our scheme is marginally slower than Lindell's, for 256-bit security it turns out to be better both in key generation and signing time. Moreover, in terms of communication cost, our implementation significantly reduces both the number of rounds and the transmitted bits without exception.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MINOR revision.Advances in Cryptology - Proceedings of Crypto 2019
threshold cryptographytwo-partyECDSAhash proof systemsCL framework
Contact author(s)
guilhem castagnos @ math u-bordeaux1 fr
federico savasta @ unict it
fabien laguillaumie @ ens-lyon fr
catalano @ dmi unict it
ida tucker @ ens-lyon fr
2020-07-09: revised
2019-05-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Guilhem Castagnos and Dario Catalano and Fabien Laguillaumie and Federico Savasta and Ida Tucker},
      title = {Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations},
      howpublished = {Cryptology ePrint Archive, Paper 2019/503},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.