Non-interactive SM2 threshold signature scheme with identifiable abort

Huiqiang LIANG; Jianhua CHEN

doi:10.1007/s11704-022-2288-x

Front. Comput. Sci. ›› 2024, Vol. 18 ›› Issue (1) :181802 DOI: 10.1007/s11704-022-2288-x

Information Security

RESEARCH ARTICLE

Non-interactive SM2 threshold signature scheme with identifiable abort

Huiqiang LIANG
, Jianhua CHEN ^†

Author information +

History +

PDF (9042KB)

Abstract

A threshold signature is a special digital signature in which the $N$ -signer share the private key $x$ and can construct a valid signature for any subset of the included $t$ -signer, but less than $t$ -signer cannot obtain any information. Considering the breakthrough achievements of threshold ECDSA signature and threshold Schnorr signature, the existing threshold SM2 signature is still limited to two parties or based on the honest majority setting, there is no more effective solution for the multiparty case. To make the SM2 signature have more flexible application scenarios, promote the application of the SM2 signature scheme in the blockchain system and secure cryptocurrency wallets. This paper designs a non-interactive threshold SM2 signature scheme based on partially homomorphic encryption and zero-knowledge proof. Only the last round requires the message input, so make our scheme non-interactive, and the pre-signing process takes 2 rounds of communication to complete after the key generation. We allow arbitrary threshold $t ≤ n$ and design a key update strategy. It can achieve security with identifiable abort under the malicious majority, which means that if the signature process fails, we can find the failed party. Performance analysis shows that the computation and communication costs of the pre-signing process grows linearly with the parties, and it is only $1 / 3$ of the Canetti’s threshold ECDSA (CCS'20).

Graphical abstract

Keywords

SM2 signature / secure multi-party computation / threshold signature / UC-secure / dishonest majority

Cite this article

Download citation ▾

Huiqiang LIANG, Jianhua CHEN. Non-interactive SM2 threshold signature scheme with identifiable abort. Front. Comput. Sci., 2024, 18(1): 181802 DOI:10.1007/s11704-022-2288-x

登录浏览全文

4963

注册一个新账户忘记密码

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	Desmedt Y. Society and group oriented cryptography: a new concept. In: Proceedings of the Advances in Cryptology. 1988, 120−127

[2]	Desmedt Y, Frankel Y. Threshold cryptosystems. In: Proceedings of the Advances in Cryptology. 1990, 307−315

[3]	ISO. ISO/IEC 14888-3:2018 IT security techniques-Digital signatures with appendix-part 3: discrete logarithm based mechanisms. Geneva, Switzerland: International Organization for Standardization, 2018

[4]	Nick J, Ruffing T, Seurin Y. MuSig2: simple two-round schnorr multi-signatures. In: Proceedings of the 41st Annual International Cryptology Conference on Advances in Cryptology. 2021, 189–221

[5]	MacKenzie P, Reiter M K. Two-party generation of DSA signatures. In: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology. 2001, 137−154

[6]	Gennaro R, Goldfeder S, Narayanan A. Threshold-optimal DSA/ECDSA signatures and an application to bitcoin wallet security. In: Proceedings of the 14th International Conference on Applied Cryptography and Network Security. 2016, 156−174

[7]	Lindell Y . Fast secure two-party ECDSA signing. Journal of Cryptology, 2021, 34( 4): 44

[8]	Doerner J, Kondi Y, Lee E, Shelat A. Secure two-party threshold ECDSA from ECDSA assumptions. In: Proceedings of 2018 IEEE Symposium on Security and Privacy (SP). 2018, 980–997

[9]	Gennaro R, Goldfeder S. Fast multiparty threshold ECDSA with fast trustless setup. In: Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018, 1179−1194

[10]	Pettit M. Efficient threshold-optimal ECDSA. In: Proceedings of the 20th International Conference on Cryptology and Network Security. 2021, 116−135

[11]	Canetti R, Gennaro R, Goldfeder S, Makriyannis N, Peled U. UC non-interactive, proactive, threshold ECDSA with identifiable aborts. In: Proceedings of 2020 ACM SIGSAC Conference on Computer and Communications Security. 2020, 1769−1787

[12]	Lindell Y, Nof A. Fast secure multiparty ECDSA with practical distributed key generation and applications to cryptocurrency custody. In: Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018, 1837−1854

[13]	Shang M, Ma Y, Lin J Q, Jing J W . A threshold scheme for SM2 elliptic curve cryptographic algorithm. Journal of Cryptologic Research, 2014, 1( 2): 155–166

[14]	Zhang Y, He D, Zhang M, Choo K K R . A provable-secure and practical two-party distributed signing protocol for SM2 signature algorithm. Frontiers of Computer Science, 2020, 14( 3): 143803

[15]	Keller M. MP-SPDZ: a versatile framework for multi-party computation. In: Proceedings of 2020 ACM SIGSAC Conference on Computer and Communications Security. 2020, 1575−1590

[16]	Acar A, Aksu H, Uluagac A S, Conti M . A survey on homomorphic encryption schemes: theory and implementation. ACM Computing Surveys, 2019, 51( 4): 79

[17]	Administration S C. Information security technology—Public key cryptographic algorithm SM2 based on elliptic curves—Part 2: Digital signature algorithm. Beijing: State Cryptography Administration, 2016

[18]	Paillier P. Public-key cryptosystems based on composite degree residuosity classes. In: Proceedings of the International Conference on Advances in Cryptology. 1999, 223−238

[19]	Tymokhanov D, Shlomovits O. Alpha-rays: key extraction attacks on threshold ECDSA implementations. IACR Cryptology ePrint Archive, 2021, 2021:1621

[20]	Gennaro R, Goldfeder S. One round threshold ECDSA with identifiable abort. IACR Cryptology ePrint Archive, 2020, 2020:540

[21]	Shamir A . How to share a secret. Communications of the ACM, 1979, 22( 11): 612–613

[22]	Feldman P. A practical scheme for non-interactive verifiable secret sharing. In: Proceedings of the 28th Annual Symposium on Foundations of Computer Science. 1987, 427−438

[23]	Lindell Y. Simple three-round multiparty schnorr signing with full simulatability. IACR Cryptology ePrint Archive, 2022, 2022:374

[24]	Cramer R, Damgård I, Schoenmakers B. Proofs of partial knowledge and simplified design of witness hiding protocols. In: Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology. 1994, 174−187

[25]	Cohen R, Haitner I, Omri E, Rotem L . From fairness to full security in multiparty computation. Journal of Cryptology, 2022, 35( 1): 4

[26]	Goldreich O. Foundations of Cryptography: Volume 2, Basic Applications. Cambridge: Cambridge University Press, 2009

[27]	Canetti R. Universally composable security: a new paradigm for cryptographic protocols. In: Proceedings of the 42nd IEEE Symposium on Foundations of Computer Science. 2001, 136−145

[28]	Li X, He M. A protocol of member-join in a secret sharing scheme. In: Proceedings of the 2nd Information Security Practice and Experience. 2006, 134−141

[29]	Yu J, Kong F, Hao R, Li X. How to publicly verifiably expand a member without changing old shares in a secret sharing scheme. In: Proceedings of the IEEE ISI 2008 International Workshops on Intelligence and Security Informatics. 2008, 138−148

[30]	Castagnos G, Catalano D, Laguillaumie F, Savasta F, Tucker I. Two-party ECDSA from hash proof systems and efficient instantiations. In: Proceedings of the 39th Annual International Cryptology Conference on Advances in Cryptology. 2019, 191–221

[31]	Doerner J, Kondi Y, Lee E, Shelat A. Threshold ECDSA from ECDSA assumptions: the multiparty case. In: Proceedings of 2019 IEEE Symposium on Security and Privacy (SP). 2019, 1051−1066

[32]	Wang C, Wang D, Tu Y, Xu G, Wang H . Understanding node capture attacks in user authentication schemes for wireless sensor networks. IEEE Transactions on Dependable and Secure Computing, 2022, 19( 1): 507–523

[33]	Qiu S, Wang D, Xu G, Kumari S . Practical and provably secure three-factor authentication protocol based on extended chaotic-maps for mobile lightweight devices. IEEE Transactions on Dependable and Secure Computing, 2022, 19( 2): 1338–1351

[34]	Wang Q, Wang D, Cheng C, He D. Quantum2FA: efficient quantum-resistant two-factor authentication scheme for mobile devices. IEEE Transactions on Dependable and Secure Computing, 2021,

[35]	Li Z, Wang D, Morais E . Quantum-safe round-optimal password authentication for mobile devices. IEEE Transactions on Dependable and Secure Computing, 2022, 19( 3): 1885–1899