Recently, threshold ECDSA schemes have received much attention from the security community, due to the need for efficient key management in blockchain systems. For practical use of a threshold cryptosystem, a key recovery protocol is essential so that users who have lost their own secret shares can recover them. Key recovery has long been studied in the proactive secret sharing area, but the main aim of recent studies there is to achieve stronger security, so their protocols are heavier than the currently existing threshold ECDSA schemes require. In this paper, we provide a new key recovery protocol for threshold ECDSA schemes that is secure against static corruptions by malicious adversaries, as in the common adversary model of the state-of-the-art threshold ECDSA schemes. Our proposed protocol reduces both the computational and communication costs from O(t^3) to O(t^2), where t is the threshold of the scheme, that is, the minimum number of users required to generate a valid signature. According to our experimental results, when t = 2 with 128-bit security, the previous result takes 10.46 ms in total for all computations (excluding transmission time on the network), while our protocol takes 4.21 ms, an improvement by a factor of about 2.48. The advantage of our protocol over the previous result grows as t increases. For example, when t = 9 with 128-bit security, the previous result requires 333.42 ms in total for all computations, while our protocol requires 56.61 ms, outperforming the previous result by a factor of about 5.89.
Re-encryption mix-nets (RMNs) provide an efficient, cryptographic, anonymous channel for useful applications such as e-voting and web browsing. Many studies have been devoted to achieving practically efficient RMN protocols, but less attention has been paid to their round efficiency than to computation and communication measures. However, in many interactive cryptographic protocols, network latency governs the overall execution time. Because e-voting systems are particularly interaction intensive, the design of a round-efficient RMN protocol is of particular interest. We propose a constant-round RMN protocol in a three-party model that consists of senders, mix servers, and some number of receivers. Here, the main role of the receivers is to jointly decrypt the list of ciphertexts obtained from the mixing stage. Such an explicit three-party model is most suitable for e-voting applications. We define an ideal three-party RMN in the universally composable (UC) framework. We then present a constant-round RMN protocol based on standard assumptions and prove that it UC-realizes the ideal three-party RMN with respect to a static adversary that can corrupt a minority of mix servers, disallowing receivers who collude with other players. We implement and evaluate our RMN protocol over various numbers of senders and mix servers. Our evaluation shows that our protocol runs up to 2.5× faster than the Universal RMN protocol. In addition, we provide a detailed theoretical analysis of our protocol in terms of computation, transmission, and round efficiency.