Paper 2022/241

Coalition and Threshold Hash-Based Signatures

John Kelsey
Stefan Lucks
Nathalie Lang
Abstract

In this paper, we introduce techniques that transform existing stateful hash-based signatures (HBS), such as LMS [MCF19] or XMSS [HBG+18], into efficient threshold and distributed signature schemes. Our scheme includes a trusted dealer, a set of trustees, and an untrusted aggregator. Signing requires only a little more work from each trustee than is required of a single signer, and requires two round-trip messages between the aggregator and each trustee involved in the signature. All communications are done point-to-point; there is no broadcast channel required. Each trustee needs to maintain only a small amount of key material and state; however, the aggregator must have access to a fairly large (hundreds of MiB up to a few GiB) common reference string. Our scheme produces standard LMS or XMSS signatures, indistinguishable from signatures created by a single signer, and so requires no change in verification software. Our scheme is provably secure assuming the security of the underlying stateful HBS and the security of a PRF used to derive shares by the trustees.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
threshold cryptography, hash functions, hash-based signatures
Contact author(s)
stefan lucks @ uni-weimar de
nathalie lang @ uni-weimar de
History
2025-04-28: last of 2 revisions
2022-02-25: received
Short URL
https://ia.cr/2022/241
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/241,
      author = {John Kelsey and Stefan Lucks and Nathalie Lang},
      title = {Coalition and Threshold Hash-Based Signatures},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/241},
      year = {2022},
      url = {https://eprint.iacr.org/2022/241}
}