Paper 2022/1656

Proactive Refresh for Accountable Threshold Signatures

Dan Boneh, Stanford University
Aditi Partap, Stanford University
Lior Rotem, Stanford University

An accountable threshold signature (ATS) is a threshold signature scheme where every signature identifies the quorum of signers who generated that signature. They are widely used in financial settings where signers need to be held accountable for threshold signatures they generate. In this paper we initiate the study of proactive refresh for accountable threshold signatures. Proactive refresh is a protocol that lets the group of signers refresh their shares of the secret key, without changing the public key or the threshold. We give several definitions for this notion achieving different levels of security. We observe that certain natural constructions for an ATS cannot be proactively refreshed because the secret key generated at setup is needed for accountability. We then construct three types of ATS schemes with proactive refresh. The first is a generic construction that is efficient when the number of signers is small. The second is a hybrid construction that performs well for a large number of signers and satisfies a strong security definition. The third is a collection of very practical constructions derived from ATS versions of the Schnorr and BLS signature schemes; however these practical constructions only satisfy our weaker notion of security.

Available format(s)
Cryptographic protocols
Publication info
Threshold signaturesProactive refreshSchnorrBLS
Contact author(s)
dabo @ cs stanford edu
aditi712 @ cs stanford edu
lrotem @ cs stanford edu
2023-02-16: last of 2 revisions
2022-11-28: received
See all versions
Short URL
Creative Commons Attribution


      author = {Dan Boneh and Aditi Partap and Lior Rotem},
      title = {Proactive Refresh for Accountable Threshold Signatures},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1656},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.