|Speaker :||Kalpana Singh|
|Time:||3:00 pm - 4:00 pm|
|Location:||Zoom + LINCS|
With the growing popularity of cryptocurrencies, interest in digital signatures for securing keys is also on the rise. Researchers have been attempting since the 90’s to enhance known signature schemes with new properties useful in specific cases. Due to their use in cryptocurrencies, threshold ECDSA and EdDSA signatures have received much attention in recent years.
In the past few months, a range of protocols has been published, allowing for non-interactive, proactive security, identifiable aborts, fairness in the honest majority setting, and other properties such as dynamic settings and interoperability. Proactive security and non-interactivity properties are the most studied solutions for cryptocurrency securities. Proactive security is the notion of defending a distributed system against an attacker who compromises different devices through its lifetime, but no more than a threshold number of them at any given time. Non-interactivity: allowing a subset of a group of people to generate a signature without having to interact. A solution to the quest for noninteractivity is to divide the signature into two steps: the presigning (or offline) phase condenses most communication rounds and can be performed long before the signature is needed, while the signing (or online) phase takes only a single round and happens after the message is chosen. Most protocols however require that the subset of the signers be fixed before presigning, since they are the only ones who participate in it.
In this talk, I will present our two novel non-interactive threshold ECDSA protocols that remove the need for this assumption either partially or entirely. The security of these schemes is proven in a simulation-based definition. To evaluate the performance of the second protocol, it has been implemented in RUST and benchmarked. Additionally, I will talk about the extension of this work towards proactive security and interoperability-based solutions.