ECDSA is a standardized signing algorithm that is widely used in TLS, code signing, cryptocurrency and more. Due to its importance, the problem of securely computing ECDSA in a distributed manner (known as threshold signing) has received considerable interest. However, despite this interest, there is still no full threshold solution for more than 2 parties (meaning that any t-out-of-n parties can sign, security is preserved for any t - 1 or fewer corrupted parties, and t = n can be any value thus supporting an honest minority) that has practical key distribution. This is due to the fact that all previous solutions for this utilize Paillier homomorphic encryption, and efficient distributed Paillier key generation for more than two parties is not known. In this paper, we present the first truly practical full threshold ECDSA signing protocol that has both fast signing and fast key distribution. This solves a years-old open problem, and opens the door to practical uses of threshold ECDSA signing that are in demand today. One of these applications is the construction of secure cryptocurrency wallets (where key shares are spread over multiple devices and so are hard to steal) and cryptocurrency custody solutions (where large sums of invested cryptocurrency are strongly protected by splitting the key between a bank/financial institution, the customer who owns the currency, and possibly a third-party trustee, in multiple shares at each). There is growing practical interest in such solutions, but prior to our work these could not be deployed today due to the need for distributed key generation.
|Title of host publication
|CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
|Association for Computing Machinery
|Number of pages
|Published - 15 Oct 2018
|25th ACM Conference on Computer and Communications Security, CCS 2018 - Toronto, Canada
Duration: 15 Oct 2018 → …
|Proceedings of the ACM Conference on Computer and Communications Security
|25th ACM Conference on Computer and Communications Security, CCS 2018
|15/10/18 → …
Bibliographical notePublisher Copyright:
© 2018 Copyright held by the owner/author(s). Publication rights licensed to ACM.