Hongxin Zhang,Guanghuan Xie,Xin Zou,Chi Zhang,Zhuo Li,Rui Qin,Gang Xiong,Fei-Yue Wang

DOI: https://doi.org/10.1109/tcss.2022.3230903

2024-01-01

IEEE Transactions on Computational Social Systems

Abstract:Threshold Elliptic Curve Digital Signature Algorithm (ECDSA) has attracted a lot of attention due to the wide applications of ECDSA in crypto asset. Although several variants of threshold signature protocols can provide functions, such as key generation and signing, they suffer from two shortfalls. First, these schemes only discuss a single signature computation task in a synchronous algorithm context, which is difficult to adapt to real crypto-asset applications, such as custody. Second, these schemes are computing intensive and not scalable, hence can hardly support large-scale processing operations in real life even after traditional optimization, such as multithreading, is applied. In this article, we propose an innovative computation method called asynchronous threshold ECDSA with batch processing, based on the interactive threshold signature protocols. The method provides a reliable solution for critical operational scenarios, such as threshold signing and distributed key generation (DKG) in crypto-asset custody, and can be a future reference in secure data distribution mechanisms. The performance and scalability of our methods are validated through a benchmark testing.

Liu Duan-yang,Pan Xue-zeng,Ping Ling-di

DOI: https://doi.org/10.1631/jzus.2003.0555

2003-01-01

Abstract:Distributed certification via threshold cryptography is much more secure than other ways to protect certification authority (CA)'s private key, and can tolerate some intrusions. As the original system such as ITTC, etc., is unsafe, inefficient and impracitcal in actual network environment, this paper brings up a new distributed certification scheme, which although it generates key shares concentratively, it updates key shares distributedly, and so, avoids single-point failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol, but can also change the threshold (t, k) flexibly and robustly, and so, is much more practical. In this work, the authors implement the prototype system of the new scheme and test and analyze its performance.

Ren Guo,Xiaogang Cheng

DOI: https://doi.org/10.1007/s11128-021-03390-9

IF: 1.965

2022-01-01

Quantum Information Processing

Abstract:Recently, a (t, n) threshold group signature scheme is present in Qin et al. (Quantum Inf Process 19(2):71, 2020). In this paper, we point out that it is not a threshold signature scheme, namely any number of members can generate a valid signature. By introducing a secret sharing scheme, we show how to improve the original scheme to a threshold signature scheme. In the original scheme, the key for the one-time pad encryption is used more than once, which makes the verifier recover the key and fabricate any signature at his will. We show how to close this security loophole. And we also show how to add a round for checking the honesty of the arbitrator, and thus the trust put on the arbitrator can be reduced.

physics, multidisciplinary,quantum science & technology, mathematical

V P Binu,A Sreekumar

DOI: https://doi.org/10.48550/arXiv.1603.09524

2016-03-31

Cryptography and Security

Abstract:Secret Sharing techniques are now the building blocks of several security protocols. A (t;n) threshold secret sharing scheme is one in which t or more participant can join together to retrieve the secret.Traditional single secret sharing schemes are modified and generalized to share multiple secrets.Use of elliptic curve and pairing in secret sharing is gaining more importance.In this paper we propose a threshold multi secret sharing scheme where more than one secret is shared.When the threshold number of participants collate, the multi secret can be retrieved. The scheme make use of elliptic curve and bilinear pairing.Verification of shares by the participants, shares consistency checking, detection and identification of cheaters are the extended capabilities achieved.The shared secrets are retrieved in single stage here, unlike the multi stage secret sharing scheme.The participants can be added very easily.The scheme is efficient and the number of public parameters are also less compared with the existing threshold multi secret sharing scheme based on the elliptic curve.The dealer can easily modify the secret or add additional secret by changing the public parameters of the scheme.This is the first proposal of a threshold multi secret sharing scheme with extended capabilities using self pairing.

Dongping HUANG,Duo LIU,Yiqi DAI

DOI: https://doi.org/10.3321/j.issn:1000-0054.2007.04.036

2007-01-01

Abstract:A verifiable multi-level threshold multi-secret sharing scheme based on the intractability of the discrete logarithm and integer factorization was developed to eliminate limitations of previous threshold schemes that secrets can only be shared in the same level threshold. The secrets are shared with a polynomial which degenerates to a lower order polynomial for different thresholds. Compared with previous schemes, this scheme simultaneously maintains multi-level thresholds and multiple secrets for the same threshold level. The recovery of any shared secret on any threshold level will not leak any other un-recovered secret. The system is easily managed and uses sub-secret because only one sub-secret need be kept for each participant.

Daoshun Wang,Ziwei Ye,Xiaobo Li

DOI: https://doi.org/10.48550/arXiv.1305.1146

2013-05-06

Cryptography and Security

Abstract:Threshold schemes have been used to protect secrets by distributing shares to participants. To protect two secrets, we can use two separate traditional schemes, say, a (t1, n1) scheme and a (t2, n2) scheme. If there are u (<=min(t1, t2)) participants involved in both schemes, each of these u participants must keep two different shares. This paper proposes a method that allows each common participant to keep only one share. Our method constructs two polynomials with u common crossover points. We give theoretical details and two demonstrative examples. This algorithm can also handle the collaboration between more than two schemes.

Xingxing Jia,Daoshun Wang,Daxin Nie,Xiangyang Luo,Jonathan Zheng Sun

DOI: https://doi.org/10.1016/j.ins.2018.09.024

IF: 8.1

2019-01-01

Information Sciences

Abstract:A general (t, n) secret sharing (SS) scheme with fixed threshold allows a secret to be shared without considering the time dynamic nature of the security environment. In this paper, we propose a threshold changeable secret sharing scheme whose threshold can be changed in an integer interval [t, t′] without updating the shares. In this scheme, a different threshold can be activated at any time through the public broadcast channel. At the heart of the proposed scheme is a novel matrix of primes. The validity of the share generation and secret reconstruction is provided by the Chinese Remainder Theorem (CRT). We prove the existence of the proposed matrix and present a method to efficiently construct it, which makes use of a proposed sequence of nested closed intervals generated by large co-prime numbers. We further use the structure to propose a scheme with computational security, without maintaining online dealer. Compared with previous methods, the proposed scheme has short share size and low complexity for recovery. For any changeable threshold in [t, t′], the increase in share size is at most 1t−1 of that from previous methods. Computational complexity for secret recovery is O(t), compared with O(tlog2t) of the best previous methods.

Dong-ping HUANG,Duo LIU,Dao-shun WANG,Yi-qi DAI

DOI: https://doi.org/10.3321/j.issn:0372-2112.2006.11.001

2006-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:A verifiable threshold multi-secret sharing scheme is proposed in this paper. As the secret can be recovered with the shadows provided by participants and it is computationally difficult to get the sub-keys from the shadows, the sub-keys can be reused to share the multi-secret in this scheme. By verifying the information published by the dealer as well as the shadows of sub-keys provided by participants, this scheme can prevent both dealer and participant from cheating. The security of this scheme is the same as that of RSA cryptosystem and Shamir's (k, n)-threshold scheme. Two kinds of cheating methods against threshold multi-secret sharing scheme are also proposed, which can threaten the security of previous schemes more or less. But the scheme proposed in this paper provides efficient solutions against these cheatings and achieves the same computational security with a better performance compared with the previous schemes.

Shuhong Wang,Guilin Wang,Feng Bao,Jie Wang

2004-01-01

Abstract:SUMMARY In 2000, Wang et al. proposed a ( t , n ) threshold signa-ture scheme with ( k , l ) threshold shared verification, and a ( t , n ) thresholdauthenticated encryption scheme with ( k , l ) threshold shared verification.Later, Tseng et al. mounted some attacks against Wang et al.’s schemes.At the same, they also presented the improvements. In this paper, we firstpoint out that Tseng et al.’s attacks are actually invalid due to their mis-understanding of Wang et al.’s Schemes. Then, we show that both Wanget al.’s schemes and Tseng et al.’s improvements are indeed insecure bydemonstrating several effective attacks. key words: digital signature, threshold signature, authenticated encryp-tion, security, cryptography 1. Introduction Since the first introduction of the group-oriented cryptosys-tems for group communications by Desmedt [1] in 1987,several solutions and modifications have been proposed in[2]–[4],[6]–[8] by employing threshold techniques. A ( t , n )threshold signature scheme allows

Guo‐Cai Wang

2008-01-01

Abstract:On the cryptanalysis of threshold proxy signature scheme and multi signature scheme, a threshold proxy and multi signature scheme based on elliptic curve is presented. In the scheme ,multiple-original signers can delegate their signing capability to a group of proxy signers and any t of the group of proxy signers which has n persons can represent original signers to generate effective signed by using(t,n) threshold signature scheme. Because it is based on elliptic, the computation and the traffic of this scheme are both small.

Feng Xu,Wenhuan Zhou,Xuan Liu

DOI: https://doi.org/10.1080/10798587.2012.10643271

2012-01-01

Intelligent Automation & Soft Computing

Abstract:Aiming at the security and performance problems existed in most threshold proxy signature (TPS) schemes, this paper presents a new TPS scheme based on bilinear pairings. In this work, the security level of the proposed TPS scheme has been significantly enhanced by using improved short signatures and interactive secret-sharing. Our analysis indicates that the proposed scheme achieves the six accepted security properties that are required for a strong-secure TPS scheme. It can also resist a severe attack against TPS, i.e., original signer changing attack.

Yingkai Ouyang,Si-Hui Tan,Liming Zhao,Joseph F. Fitzsimons

DOI: https://doi.org/10.1103/PhysRevA.96.052333

2017-02-13

Abstract:A (k,n)-threshold secret-sharing scheme allows for a string to be split into n shares in such a way that any subset of at least k shares suffices to recover the secret string, but such that any subset of at most k-1 shares contains no information about the secret. Quantum secret-sharing schemes extend this idea to the sharing of quantum states. Here we propose a method of performing computation on quantum shared secrets. We introduce a (n,n)-quantum secret sharing scheme together with a set of protocols that allow quantum circuits to be evaluated on the shared secret without the need to decode the secret. We consider a multipartite setting, with each participant holding a share of the secret. We show that if there exists at least one honest participant, no group of dishonest participants can recover any information about the shared secret, independent of their deviations from the protocol.

Quantum Physics

Guofeng Tang,Bo Pang,Long Chen,Zhenfeng Zhang

DOI: https://doi.org/10.1109/tifs.2023.3293408

IF: 7.231

2023-07-22

IEEE Transactions on Information Forensics and Security

Abstract:A threshold signature scheme distributes the ability to generate signatures through distributed key generation and signing protocols. A threshold signature scheme should be functionally interchangeable, meaning that a signature produced by a threshold scheme should be verifiable by the same algorithm used for non-threshold signatures. To resist future attacks from quantum adversaries, lattice-based threshold signatures are desirable. However, the performance of existing lattice-based threshold signing protocols is still far from practical. This paper presents the first lattice-based -out-of- threshold signature scheme with functional interchangeability that has been implemented. To build an -out-of- access structure for arbitrary , we first present a novel -out-of- version of the SPDZ MPC protocol. We avoid using the MPC protocol to evaluate hash operations for high concrete efficiency. Moreover, we design an efficient distributed rejection sampling protocol. Consequently, the online phase of our distributed signing protocol takes only 0.5 seconds in the two-party setting and 7.3 seconds in the 12-party setting according to our implementation. As a byproduct, our scheme also presents a periodic key refreshment mechanism and offers proactive security.

computer science, theory & methods,engineering, electrical & electronic

Jiahong Wu,Nan Liu,Wei Kang

2023-12-10

Abstract:In this paper, we consider the case that sharing many secrets among a set of participants using the threshold schemes. All secrets are assumed to be statistically independent and the weak secure condition is focused on. Under such circumstances we investigate the infimum of the (average) information ratio and the (average) randomness ratio for any structure pair which consists of the number of the participants and the threshold values of all secrets. For two structure pairs such that the two numbers of the participants are the same and the two arrays of threshold values have the subset relationship, two leading corollaries are proved following two directions. More specifically, the bound related to the lengths of shares, secrets and randomness for the complex structure pair can be truncated for the simple one; and the linear schemes for the simple structure pair can be combined independently to be a multiple threshold scheme for the complex one. The former corollary is useful for the converse part and the latter one is helpful for the achievability part. Three new bounds special for the case that the number of secrets corresponding to the same threshold value $ t $ is lager than $ t $ and two novel linear schemes modified from the Vandermonde matrix for two similar cases are presented. Then come the optimal results for the average information ratio, the average randomness ratio and the randomness ratio. We introduce a tiny example to show that there exists another type of bound that may be crucial for the information ratio, to which we only give optimal results in three cases.

Information Theory

Yumeng Xie,Qing Fan,Chuan Zhang,Tong Wu,Yuao Zhou,Debiao He,Liehuang Zhu

DOI: https://doi.org/10.1109/tifs.2024.3428848

IF: 7.231

2024-07-26

IEEE Transactions on Information Forensics and Security

Abstract:Threshold signatures as a method to realize multi-party cooperation and trust distribution in blockchain have been widely studied in recent years. However, among these researches, few threshold signature schemes achieve all the properties of accountability, privacy, and key protection for the EdDSA-based blockchain systems. To fill this gap, we propose an EdDSA-based accountable threshold signature protocol with privacy and proactive refresh, named TAPS-PR. Meanwhile, we define new security models and give a detailed analysis to prove protocol security. In TAPS-PR, the threshold is variable and hidden with the signing quorum from the public view. However, the signing quorum can be traced when threshold signatures related to fraudulent events are generated. We also enhance the key security of each signer by proactive refresh, which realizes updating the private key while the public key remains unchanged. Apart from that, we present ATS-PR with increased efficiency and reduced communication cost at the cost of weaker security. The theoretical analysis and experimental results indicate that our protocols perform efficiently in terms of communication and computation overhead. Furthermore, we use Tezos, a blockchain project employing EdDSA, as a case study to demonstrate the compatibility of our protocol with real-world blockchain applications.

computer science, theory & methods,engineering, electrical & electronic

Jing Wang,Xue Yuan,Yingjie Xu,Yudi Zhang

DOI: https://doi.org/10.1049/2024/2252865

2024-10-19

IET Information Security

Abstract:Large language models (LLMs) have brought significant advancements to artificial intelligence, particularly in understanding and generating human language. However, concerns over management burden and data security have grown alongside their capabilities. To solve the problem, we design a blockchain‐based distributed LLM framework, where LLM works in the distributed mode and its outputs can be stored and verified on a blockchain to ensure integrity, transparency, and traceability. In addition, a multiparty signature‐based authentication mechanism is necessary to ensure stakeholder consensus before publication. To address these requirements, we propose a threshold elliptic curve digital signature algorithm that counters malicious adversaries in environments with three or more participants. Our approach relies on discrete logarithmic zero‐knowledge proofs and Feldman verifiable secret sharing, reducing complexity by forgoing multiplication triple protocols. When compared with some related schemes, this optimization speeds up both the key generation and signing phases with constant rounds while maintaining security against malicious adversaries.

computer science, information systems, theory & methods

Yang Yu

2008-01-01

Abstract:A threshold proxy quantum signature scheme with threshold shared verification is proposed. An original signer could authorize a group as its proxy signers. Then only t or more of n persons in the proxy group can generate the proxy signature on behalf of the original signer and any t-1 or fewer ones cannot do that. When the proxy signature needs to be verified,any t or more of n persons belonging to the verification group can verify the message and any t-1 or fewer ones cannot verify the validity of the proxy signature.

Kiarash Sedghighadikolaei,Attila Altay Yavuz

2024-09-17

Abstract:Threshold digital signatures enable a distributed execution of signature functionalities and will play a crucial role in the security of emerging decentralized next-generation networked systems and applications. In this paper, we provide a comprehensive and systematic survey of threshold and distributed signatures with advanced features. Our survey encompasses threshold signatures in conventional and post-quantum cryptography (PQC) settings and captures custom-design and standard signatures (e.g., conventional NIST and NIST-PQC). We examine both generic (via secure multi-party computation) and custom thresholding techniques for a myriad of signature families while investigating exotic signatures, real-life applications, and potential future research direction.

Cryptography and Security

Tao Yang,Hu Xiong,Jianbin Hu,Yonggang Wang,Yong Deng,Biao Xiao,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-20291-9_39

2011-01-01

Abstract:Using our (t, n) threshold proxy signature scheme, the original signer can delegate the power of signing messages to a designated proxy group of a members. Any t or more proxy signers of the group can cooperatively issue a proxy signature on behalf of the original signer, but t - 1 or less proxy signers cannot. Recently, in order to eliminate the use of certificates in certified public key cryptography and the key-escrow problem in identity-based cryptography; the notion of certificateless public key cryptography was introduced. In this paper; we present a traceable certificateless threshold proxy signature scheme based on bilinear pairings. For the privacy protection, all proxy signers remain anonymous but can be traceable by KGC through a tag setting. We show the scheme satisfies the security requirements in the random oracle model. To the best of our knowledge; our scheme is the first traceable certificateless threshold proxy signature scheme from bilinear pairings.

HM SUN,SP SHIEH

DOI: https://doi.org/10.1049/el:19941411

1994-01-01

Electronics Letters

Abstract:An (m, n) threshold scheme is to decompose a shared secret into n shares in such a way that the shared secret cannot be reclaimed unless any m shares are collected. A new dynamic threshold scheme that allows the shared secret to be updated without changing the shares is proposed.<>