Paper 2023/765
Threshold ECDSA in Three Rounds
Abstract
We present a three-round protocol for threshold ECDSA signing with malicious security against a dishonest majority, which information-theoretically UC-realizes a standard threshold signing functionality, assuming only ideal commitment and two-party multiplication primitives. Our protocol combines an intermediate representation of ECDSA signatures that was recently introduced by Abram et al. (Eurocrypt'22) with an efficient statistical consistency check reminiscent of the ones used by the protocols of Doerner et al. (S&P'18, S&P'19). We show that shared keys for our signing protocol can be generated using a simple commit-release-and-complain procedure, without any proofs of knowledge, and to compute the intermediate representation of each signature, we propose a two-round vectorized multiplication protocol based on oblivious transfer that outperforms all similar constructions.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Major revision. IEEE S&P 2024
- Keywords
- threshold cryptographymulti-party computationECDSAconcrete efficiency
- Contact author(s)
-
j @ ckdoerner net
yash @ ykondi net
eysa_lee @ brown edu
abhi @ neu edu - History
- 2023-12-14: revised
- 2023-05-26: received
- See all versions
- Short URL
- https://ia.cr/2023/765
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/765, author = {Jack Doerner and Yashvanth Kondi and Eysa Lee and abhi shelat}, title = {Threshold {ECDSA} in Three Rounds}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/765}, year = {2023}, url = {https://eprint.iacr.org/2023/765} }