Paper 2024/184

Threshold Raccoon: Practical Threshold Signatures from Standard Lattice Assumptions

Rafael del Pino, PQShield
Shuichi Katsumata, PQShield, National Institute of Advanced Industrial Science and Technology
Mary Maller, PQShield, Ethereum Foundation
Fabrice Mouhartem, XWiki/CryptPad
Thomas Prest, PQShield
Markku-Juhani Saarinen, PQShield, Tampere University

Threshold signatures improve both availability and security of digital signatures by splitting the signing key into $N$ shares handed out to different parties. Later on, any subset of at least $T$ parties can cooperate to produce a signature on a given message. While threshold signatures have been extensively studied in the pre-quantum setting, they remain sparse from quantum-resilient assumptions. We present the first efficient lattice-based threshold signatures with signature size 13 KiB and communication cost 40 KiB per user, supporting a threshold size as large as 1024 signers. We provide an accompanying high performance implementation. The security of the scheme is based on the same assumptions as Dilithium, a signature recently selected by NIST for standardisation which, as far as we know, cannot easily be made threshold efficiently. All operations used during signing are due to symmetric primitives and simple lattice operations; in particular our scheme does not need heavy tools such as threshold fully homomorphic encryption or homomorphic trapdoor commitments as in prior constructions. The key technical idea is to use one-time additive masks to mitigate the leakage of the partial signing keys through partial signatures.

Available format(s)
Cryptographic protocols
Publication info
A major revision of an IACR publication in EUROCRYPT 2024
threshold signatureraccoonpost-quantumlattice
Contact author(s)
rafael del pino @ pqshield com
shuichi katsumata @ pqshield com
mary maller @ pqshield com
fabrice mouhartem @ xwiki com
thomas prest @ pqshield com
markku-juhani saarinen @ tuni fi
2024-02-09: approved
2024-02-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Rafael del Pino and Shuichi Katsumata and Mary Maller and Fabrice Mouhartem and Thomas Prest and Markku-Juhani Saarinen},
      title = {Threshold Raccoon: Practical Threshold Signatures from Standard Lattice Assumptions},
      howpublished = {Cryptology ePrint Archive, Paper 2024/184},
      year = {2024},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.