(2022) ROAST: Robust Asynchronous Schnorr Threshold Signatures.
|
Text
2022-550.pdf Download (720kB) | Preview |
Abstract
Bitcoin and other cryptocurrencies have recently introduced support for Schnorr signatures whose cleaner algebraic structure, as compared to ECDSA, allows for simpler and more practical constructions of highly demanded "-of-" threshold signatures. However, existing Schnorr threshold signature schemes still fall short of the needs of real-world applications due to their assumption that the network is synchronous and due to their lack of robustness, i.e., the guarantee that honest signers are able to obtain a valid signature even in the presence of other malicious signers who try to disrupt the protocol. This hinders the adoption of threshold signatures in the cryptocurrency ecosystem, e.g., in second-layer protocols built on top of cryptocurrencies. In this work, we propose ROAST, a simple wrapper that turns a given threshold signature scheme into a scheme with a robust and asynchronous signing protocol, as long as the underlying signing protocol is semi-interactive (i.e., has one preprocessing round and one actual signing round), provides identifiable aborts, and is unforgeable under concurrent signing sessions. When applied to the state-of-the-art Schnorr threshold signature scheme FROST, which fulfills these requirements, we obtain a simple, efficient, and highly practical Schnorr threshold signature scheme.
| Item Type: | Conference or Workshop Item (A Paper) (Paper) |
|---|---|
| Conference: | CCS ACM Conference on Computer and Communications Security |
| Depositing User: | Ben Stock |
| Date Deposited: | 13 Oct 2022 09:56 |
| Last Modified: | 05 Nov 2022 06:53 |
| Primary Research Area: | NRA1: Trustworthy Information Processing |
| URI: | https://publications.cispa.saarland/id/eprint/3838 |
Actions
Actions (login required)
 |
View Item |