You are looking at a specific version 20200511:155431 of this paper. See the latest version.

Paper 2020/540

One Round Threshold ECDSA with Identifiable Abort

Rosario Gennaro and Steven Goldfeder

Abstract

Threshold ECDSA signatures have received much attention in recent years due to the widespread use of ECDSA in cryptocurrencies. While various protocols now exist that admit efficient distributed key generation and signing, these protocols have two main drawbacks. Firstly, if a player misbehaves, the protocol will abort, but all current protocols give no way to detect which player is responsible for the abort. In distributed settings, this can be catastrophic as any player can cause the protocol to fail without any consequence. General techniques to realize dishonest-majority MPC with identifiable abort add a prohibitive overhead, but we show how to build a tailored protocol for threshold ECDSA with minimal overhead. Secondly, current threshold ECDSA protocols (that do not rely on generic MPC) have numerous rounds of interaction. We present a highly efficient protocol with a non-interactive online phase allowing for players to asynchronously participate in the protocol without the need to be online simultaneously. We benchmark our protocols and find that our protocol simultaneously reduces the rounds and computations of current protocols, while adding significant functionality: identifiable abort and noninteractivity.

Note: Revision fixes a typo in the malicious player identification protocol, and a typo in the evaluation graph, and a confusing sentence in the introduction.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
threshold ECDSAthreshold signaturesidentifiable abort
Contact author(s)
goldfeder @ cornell edu
History
2021-12-17: last of 3 revisions
2020-05-10: received
See all versions
Short URL
https://ia.cr/2020/540
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.