Paper 2023/765

Threshold ECDSA in Three Rounds

Jack Doerner, Technion – Israel Institute of Technology, Reichman University, Brown University
Yashvanth Kondi, Silence Laboratories (Deel)
Eysa Lee, Brown University
abhi shelat, Northeastern University
Abstract

We present a three-round protocol for threshold ECDSA signing with malicious security against a dishonest majority, which information-theoretically UC-realizes a standard threshold signing functionality, assuming only ideal commitment and two-party multiplication primitives. Our protocol combines an intermediate representation of ECDSA signatures that was recently introduced by Abram et al. (Eurocrypt'22) with an efficient statistical consistency check reminiscent of the ones used by the protocols of Doerner et al. (S&P'18, S&P'19). We show that shared keys for our signing protocol can be generated using a simple commit-release-and-complain procedure, without any proofs of knowledge, and to compute the intermediate representation of each signature, we propose a two-round vectorized multiplication protocol based on oblivious transfer that outperforms all similar constructions.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. IEEE S&P 2024
Keywords
threshold cryptographymulti-party computationECDSAconcrete efficiency
Contact author(s)
j @ ckdoerner net
yash @ ykondi net
eysa_lee @ brown edu
abhi @ neu edu
History
2023-12-14: revised
2023-05-26: received
See all versions
Short URL
https://ia.cr/2023/765
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/765,
      author = {Jack Doerner and Yashvanth Kondi and Eysa Lee and abhi shelat},
      title = {Threshold {ECDSA} in Three Rounds},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/765},
      year = {2023},
      url = {https://eprint.iacr.org/2023/765}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.