Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody

Lindell, Yehuda; Nof, Ariel

doi:10.1145/3243734.3243788

Cited by 120 publications

(57 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, there has been a lot of interest in threshold ECDSA due to its applications to protecting cryptocurrencies. 14,17,26,27 Dishonest-majority MPC. Previously, we described a general protocol for MPC that is secure as long as an adversary cannot corrupt more than a minority of the parties.…”

Section: Feasibility Of Mpcmentioning

confidence: 99%

Secure multiparty computation

Lindell

2020

Commun. ACM

Self Cite

107

View full text Add to dashboard Cite

show abstract

Section: Feasibility Of Mpcmentioning

confidence: 99%

Secure multiparty computation

Lindell

2020

Commun. ACM

Self Cite

107

View full text Add to dashboard Cite

show abstract

“…While this design is more efficient than previous ones, it requires significantly higher transmission bandwidth. To generalise their approaches to the multi-party setting, Lindell and Nof [29] extended their prior work and constructed a full-threshold protocol for multi-party ECDSA, where the private key is additively shared instead of multiplicatively. Thus, their private multiplication protocol on secret shares could be based on both Paillier and Oblivious Transfer [34] for various application scenarios.…”

Section: Related Workmentioning

confidence: 99%

“…For ECDSA, the first two-party setting was addressed by MacKenzie and Reiter [26]. Since then, a number of two-party protocols have also been presented in the literature [27,28], and extended multi-party version [29,30].…”

Section: Introductionmentioning

confidence: 99%

Distributed signing protocol for IEEE P1363‐compliant identity‐based signature scheme

Feng

Liu

et al. 2020

IET Information Security

View full text Add to dashboard Cite

“…To link ledger transitions and data release, [15] exploits algebraic properties of the ECDSA signature used in Bitcoin: relying on homomorphic encryption, e.g. Paillier, an encrypted signature can be constructed from an encryption of the signing key, which can be constructed by adding shares of the signing key on top of an initial encrypted share [36][37][38][39]. A Diffie-Hellman group is used to establish a shared key.…”

Section: Zkcp Protocol On the Basecoin Ledgermentioning

confidence: 99%

Contingent Payments on a Public Ledger: Models and Reductions for Automated Verification

Bursuc

Kremer

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We study protocols that rely on a public ledger infrastructure, concentrating on protocols for zero-knowledge contingent payment, whose security properties combine diverse notions of fairness and privacy. We argue that rigorous models are required for capturing the ledger semantics, the protocol-ledger interaction, the cryptographic primitives and, ultimately, the security properties one would like to achieve. Our focus is on a particular level of abstraction, where network messages are represented by a term algebra, protocol execution by state transition systems (e.g. multiset rewrite rules) and where the properties of interest can be analyzed with automated verification tools. We propose models for: (1) the rules guiding the ledger execution, taking the coin functionality of public ledgers such as Bitcoin as an example; (2) the security properties expected from ledger-based zero-knowledge contingent payment protocols; (3) two different security protocols that aim at achieving these properties relying on different ledger infrastructures; (4) reductions that allow simpler term algebras for homomorphic cryptographic schemes. Altogether, these models allow us to derive a first automated verification for ledger-based zero-knowledge contingent payment using the Tamarin prover. Furthermore, our models help in clarifying certain underlying assumptions, security and efficiency tradeoffs that should be taken into account when deploying protocols on the blockchain.

show abstract

Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody

Cited by 120 publications

References 18 publications

Secure multiparty computation

Secure multiparty computation

Distributed signing protocol for IEEE P1363‐compliant identity‐based signature scheme

Contingent Payments on a Public Ledger: Models and Reductions for Automated Verification

Contact Info

Product

Resources

About