Non-interactive SM2 threshold signature scheme with identifiable abort

Huiqiang LIANG; Jianhua CHEN

doi:10.1007/s11704-022-2288-x

PDF(9042 KB)

Front. Comput. Sci. ›› 2024, Vol. 18 ›› Issue (1) : 181802. DOI: 10.1007/s11704-022-2288-x

Information Security

Next Generation Blockchain: Theories, Algorithms and Applications - RESEARCH ARTICLE

Non-interactive SM2 threshold signature scheme with identifiable abort

Author information +

History +

Abstract

A threshold signature is a special digital signature in which the $N$ -signer share the private key $x$ and can construct a valid signature for any subset of the included $t$ -signer, but less than $t$ -signer cannot obtain any information. Considering the breakthrough achievements of threshold ECDSA signature and threshold Schnorr signature, the existing threshold SM2 signature is still limited to two parties or based on the honest majority setting, there is no more effective solution for the multiparty case. To make the SM2 signature have more flexible application scenarios, promote the application of the SM2 signature scheme in the blockchain system and secure cryptocurrency wallets. This paper designs a non-interactive threshold SM2 signature scheme based on partially homomorphic encryption and zero-knowledge proof. Only the last round requires the message input, so make our scheme non-interactive, and the pre-signing process takes 2 rounds of communication to complete after the key generation. We allow arbitrary threshold $t \leq n$ and design a key update strategy. It can achieve security with identifiable abort under the malicious majority, which means that if the signature process fails, we can find the failed party. Performance analysis shows that the computation and communication costs of the pre-signing process grows linearly with the parties, and it is only $1 / 3$ of the Canetti’s threshold ECDSA (CCS'20).

Graphical abstract

Keywords

SM2 signature / secure multi-party computation / threshold signature / UC-secure / dishonest majority

Cite this article

EndNote

Ris (Procite)

Bibtex

Download citation ▾

Huiqiang LIANG, Jianhua CHEN. Non-interactive SM2 threshold signature scheme with identifiable abort. Front. Comput. Sci., 2024, 18(1): 181802 https://doi.org/10.1007/s11704-022-2288-x

This is a preview of subscription content, contact us for subscripton.

Huiqiang Liang is currently pursing his MS degree at School of Mathematics and Statistics, Wuhan University, China. His main research interests include cryptography and information security and SMPC

Jianhua Chen received the MS and PhD degrees from School of Mathematics and Statistics, Wuhan University, China in 1989 and 1994, respectively. He is currently a professor of the Applied Mathematics Department, Wuhan University, China. His current research interests include number theory, information security, and network security

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	Desmedt Y. Society and group oriented cryptography: a new concept. In: Proceedings of the Advances in Cryptology. 1988, 120−127

[2]	Desmedt Y, Frankel Y. Threshold cryptosystems. In: Proceedings of the Advances in Cryptology. 1990, 307−315

[3]	ISO. ISO/IEC 14888-3:2018 IT security techniques-Digital signatures with appendix-part 3: discrete logarithm based mechanisms. Geneva, Switzerland: International Organization for Standardization, 2018

[4]	Nick J, Ruffing T, Seurin Y. MuSig2: simple two-round schnorr multi-signatures. In: Proceedings of the 41st Annual International Cryptology Conference on Advances in Cryptology. 2021, 189–221

[5]	MacKenzie P, Reiter M K. Two-party generation of DSA signatures. In: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology. 2001, 137−154

[6]	Gennaro R, Goldfeder S, Narayanan A. Threshold-optimal DSA/ECDSA signatures and an application to bitcoin wallet security. In: Proceedings of the 14th International Conference on Applied Cryptography and Network Security. 2016, 156−174

[7]	Lindell Y . Fast secure two-party ECDSA signing. Journal of Cryptology, 2021, 34( 4): 44

[8]	Doerner J, Kondi Y, Lee E, Shelat A. Secure two-party threshold ECDSA from ECDSA assumptions. In: Proceedings of 2018 IEEE Symposium on Security and Privacy (SP). 2018, 980–997

[9]	Gennaro R, Goldfeder S. Fast multiparty threshold ECDSA with fast trustless setup. In: Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018, 1179−1194

[10]	Pettit M. Efficient threshold-optimal ECDSA. In: Proceedings of the 20th International Conference on Cryptology and Network Security. 2021, 116−135

[11]	Canetti R, Gennaro R, Goldfeder S, Makriyannis N, Peled U. UC non-interactive, proactive, threshold ECDSA with identifiable aborts. In: Proceedings of 2020 ACM SIGSAC Conference on Computer and Communications Security. 2020, 1769−1787

[12]	Lindell Y, Nof A. Fast secure multiparty ECDSA with practical distributed key generation and applications to cryptocurrency custody. In: Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018, 1837−1854

[13]	Shang M, Ma Y, Lin J Q, Jing J W . A threshold scheme for SM2 elliptic curve cryptographic algorithm. Journal of Cryptologic Research, 2014, 1( 2): 155–166

[14]	Zhang Y, He D, Zhang M, Choo K K R . A provable-secure and practical two-party distributed signing protocol for SM2 signature algorithm. Frontiers of Computer Science, 2020, 14( 3): 143803

[15]	Keller M. MP-SPDZ: a versatile framework for multi-party computation. In: Proceedings of 2020 ACM SIGSAC Conference on Computer and Communications Security. 2020, 1575−1590

[16]	Acar A, Aksu H, Uluagac A S, Conti M . A survey on homomorphic encryption schemes: theory and implementation. ACM Computing Surveys, 2019, 51( 4): 79

[17]	Administration S C. Information security technology—Public key cryptographic algorithm SM2 based on elliptic curves—Part 2: Digital signature algorithm. Beijing: State Cryptography Administration, 2016

[18]	Paillier P. Public-key cryptosystems based on composite degree residuosity classes. In: Proceedings of the International Conference on Advances in Cryptology. 1999, 223−238

[19]	Tymokhanov D, Shlomovits O. Alpha-rays: key extraction attacks on threshold ECDSA implementations. IACR Cryptology ePrint Archive, 2021, 2021:1621

[20]	Gennaro R, Goldfeder S. One round threshold ECDSA with identifiable abort. IACR Cryptology ePrint Archive, 2020, 2020:540

[21]	Shamir A . How to share a secret. Communications of the ACM, 1979, 22( 11): 612–613

[22]	Feldman P. A practical scheme for non-interactive verifiable secret sharing. In: Proceedings of the 28th Annual Symposium on Foundations of Computer Science. 1987, 427−438

[23]	Lindell Y. Simple three-round multiparty schnorr signing with full simulatability. IACR Cryptology ePrint Archive, 2022, 2022:374

[24]	Cramer R, Damgård I, Schoenmakers B. Proofs of partial knowledge and simplified design of witness hiding protocols. In: Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology. 1994, 174−187

[25]	Cohen R, Haitner I, Omri E, Rotem L . From fairness to full security in multiparty computation. Journal of Cryptology, 2022, 35( 1): 4

[26]	Goldreich O. Foundations of Cryptography: Volume 2, Basic Applications. Cambridge: Cambridge University Press, 2009

[27]	Canetti R. Universally composable security: a new paradigm for cryptographic protocols. In: Proceedings of the 42nd IEEE Symposium on Foundations of Computer Science. 2001, 136−145

[28]	Li X, He M. A protocol of member-join in a secret sharing scheme. In: Proceedings of the 2nd Information Security Practice and Experience. 2006, 134−141

[29]	Yu J, Kong F, Hao R, Li X. How to publicly verifiably expand a member without changing old shares in a secret sharing scheme. In: Proceedings of the IEEE ISI 2008 International Workshops on Intelligence and Security Informatics. 2008, 138−148

[30]	Castagnos G, Catalano D, Laguillaumie F, Savasta F, Tucker I. Two-party ECDSA from hash proof systems and efficient instantiations. In: Proceedings of the 39th Annual International Cryptology Conference on Advances in Cryptology. 2019, 191–221

[31]	Doerner J, Kondi Y, Lee E, Shelat A. Threshold ECDSA from ECDSA assumptions: the multiparty case. In: Proceedings of 2019 IEEE Symposium on Security and Privacy (SP). 2019, 1051−1066

[32]	Wang C, Wang D, Tu Y, Xu G, Wang H . Understanding node capture attacks in user authentication schemes for wireless sensor networks. IEEE Transactions on Dependable and Secure Computing, 2022, 19( 1): 507–523

[33]	Qiu S, Wang D, Xu G, Kumari S . Practical and provably secure three-factor authentication protocol based on extended chaotic-maps for mobile lightweight devices. IEEE Transactions on Dependable and Secure Computing, 2022, 19( 2): 1338–1351

[34]	Wang Q, Wang D, Cheng C, He D. Quantum2FA: efficient quantum-resistant two-factor authentication scheme for mobile devices. IEEE Transactions on Dependable and Secure Computing, 2021, doi: 10.1109/TDSC.2021.3129512

[35]	Li Z, Wang D, Morais E . Quantum-safe round-optimal password authentication for mobile devices. IEEE Transactions on Dependable and Secure Computing, 2022, 19( 3): 1885–1899