Paper 2026/1100

Adaptively Secure (Aggregatable) PVSS from Standard Assumptions

Renas Bacho, Ruhr University Bochum
Yanbo Chen, University of Ottawa
Julian Loss, Ruhr University Bochum
Abstract

Publicly verifiable secret sharing (PVSS) is a fundamental primitive in threshold cryptography that allows a dealer to share a secret $S$ among a set of $n$ parties via a publicly verifiable transcript. Any subset of $t+1$ parties can then use their individual shares to reconstruct the full secret $S$, whereas $t$ or fewer shares give no information about $S$. As such, the secret $S$ remains hidden from an adversary that corrupts up to $t$ parties. Recently, Bacho and Loss (CCS 2023) gave the first proof of any PVSS scheme under an adaptive adversary. However, their security proof relies on strong and non-standard assumptions such as the algebraic group model (AGM) and the hardness of the one-more discrete logarithm (OMDL) problem. In particular, any protocol (e.g., distributed randomness beacon or distributed key generation) that makes use of a PVSS scheme either inherits these limitations or is not provably adaptively secure. In this work, we present for the first time an adaptively secure PVSS scheme from well-established assumptions. In more detail, we provide two PVSS schemes with different properties. Our first scheme works over any pairing-free cyclic group and its security relies on the decisional Diffie-Hellman (DDH) assumption. Our second scheme works over an asymmetric pairing group, its security relies on the DDH and the co-computational Diffie-Hellman (co-CDH) assumption, and has the particularly valuable feature of aggregatability, which allows the aggregation of multiple PVSS transcripts into a single transcript while preserving verifiability. Notably, both our schemes are highly efficient, non-interactive, and work in the established plain public key model. These properties along with their provable adaptive security make them suitable candidates as building block in higher-level distributed protocols that aim to minimize communication.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A major revision of an IACR publication in CRYPTO 2026
Keywords
Threshold CryptographyPVSSAggregatabilityAdaptive Security
Contact author(s)
renas bacho @ rub de
ychen918 @ uottawa ca
julian loss @ rub de
History
2026-05-31: approved
2026-05-29: received
See all versions
Short URL
https://ia.cr/2026/1100
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2026/1100,
      author = {Renas Bacho and Yanbo Chen and Julian Loss},
      title = {Adaptively Secure (Aggregatable) {PVSS} from Standard Assumptions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/1100},
      year = {2026},
      url = {https://eprint.iacr.org/2026/1100}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.