Abstract
ECDSA is a standard digital signature scheme that is widely used in TLS, Bitcoin and elsewhere. Unlike other schemes like RSA, Schnorr signatures and more, it is particularly hard to construct efficient threshold signature protocols for ECDSA (and DSA). As a result, the best-known protocols today for secure distributed ECDSA require running heavy zero-knowledge proofs and computing many large-modulus exponentiations for every signing operation. In this paper, we consider the specific case of two parties (and thus no honest majority) and construct a protocol that is approximately two orders of magnitude faster than the previous best. Concretely, our protocol achieves good performance, with a single signing operation for curve P-256 taking approximately 37 ms between two standard machine types in Azure (utilizing a single core only). Our protocol is proven secure under standard assumptions using a game-based definition. In addition, we prove security by simulation under a plausible yet non-standard assumption regarding Paillier.
Original language | English |
---|---|
Title of host publication | Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings |
Editors | Jonathan Katz, Hovav Shacham |
Publisher | Springer Verlag |
Pages | 613-644 |
Number of pages | 32 |
ISBN (Print) | 9783319637143 |
State | Published - 2017 |
Event | 37th Annual International Cryptology Conference, CRYPTO 2017 - Santa Barbara, United States; Duration: 20 Aug 2017 → 24 Aug 2017 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 10402 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 37th Annual International Cryptology Conference, CRYPTO 2017 |
---|---|
Country/Territory | United States |
City | Santa Barbara |
Period | 20/08/17 → 24/08/17 |
Bibliographical note
Publisher Copyright: © 2017, International Association for Cryptologic Research.