Cryptology ePrint Archive: Report 2020/498

Threshold ECDSA for Decentralized Asset Custody

Adam Gągol and Jędrzej Kula and Damian Straszak and Michał Świętek

Abstract: The surge of interest in decentralization-enabling technologies sparked by the recent success of Bitcoin and other blockchains has led to several new challenges in cryptography and protocol design. One such challenge concerns the widely used digital signature scheme -- ECDSA -- that has in particular been chosen to secure transactions in Bitcoin and several other blockchain systems. To empower decentralized interoperability between such blockchains one would like to implement distributed custody over Bitcoin accounts, which technically can be realized via a threshold ECDSA protocol. Even though several threshold ECDSA protocols already exist, as we argue, due to lack of robustness in signature generation, they are not well suited for deployment scenarios with large committees of parties, out of which a significant fraction might be malicious or prone to DDoS attacks. We propose a new threshold ECDSA protocol that improves upon the state-of-the-art solutions by enabling robustness and fault attributability during signature generation. In addition to that, we improve the signing time and bandwidth of previous solutions by moving expensive operations that are oblivious to the signed message to a separate setup phase. Finally, we back our theoretical results via an empirical evaluation of our protocol in large-scale experiments in LAN and WAN settings.

Category / Keywords: cryptographic protocols / threshold cryptography, ECDSA, threshold signatures

Date: received 28 Apr 2020, last revised 15 May 2020

Contact author: damian straszak at gmail com, adam gagol@alephzero org


Version: 20200515:090753

Short URL: ia.cr/2020/498

