Threshold ECDSA in Three Rounds

Jack Doerner; Yashvanth Kondi; Eysa Lee; abhi shelat

Paper 2023/765

Threshold ECDSA in Three Rounds

Jack Doerner, Technion – Israel Institute of Technology, Reichman University, Brown University

Yashvanth Kondi, Silence Laboratories (Deel)

Eysa Lee, Brown University

abhi shelat, Northeastern University

Abstract

We present a three-round protocol for threshold ECDSA signing with malicious security against a dishonest majority, which information-theoretically UC-realizes a standard threshold signing functionality, assuming only ideal commitment and two-party multiplication primitives. Our protocol combines an intermediate representation of ECDSA signatures that was recently introduced by Abram et al. (Eurocrypt'22) with an efficient statistical consistency check reminiscent of the ones used by the protocols of Doerner et al. (S&P'18, S&P'19). We show that shared keys for our signing protocol can be generated using a simple commit-release-and-complain procedure, without any proofs of knowledge, and to compute the intermediate representation of each signature, we propose a two-round vectorized multiplication protocol based on oblivious transfer that outperforms all similar constructions.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Published elsewhere. Major revision. IEEE S&P 2024
Keywords: threshold cryptography multi-party computation ECDSA concrete efficiency
Contact author(s): j @ ckdoerner net
yash @ ykondi net
eysa_lee @ brown edu
abhi @ neu edu
History: 2023-12-14: revised; 2023-05-26: received; See all versions
Short URL: https://ia.cr/2023/765
License: CC BY

BibTeX

@misc{cryptoeprint:2023/765,
      author = {Jack Doerner and Yashvanth Kondi and Eysa Lee and abhi shelat},
      title = {Threshold {ECDSA} in Three Rounds},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/765},
      year = {2023},
      url = {https://eprint.iacr.org/2023/765}
}