Fully distributed identity-based threshold signatures with identifiable aborts

Yan JIANG; Youwen ZHU; Jian WANG; Xingxin LI

doi:10.1007/s11704-022-2370-4

Front. Comput. Sci. ›› 2023, Vol. 17 ›› Issue (5) : 175813 DOI: 10.1007/s11704-022-2370-4

Information Security

RESEARCH ARTICLE

Fully distributed identity-based threshold signatures with identifiable aborts

Yan JIANG ¹^,²
, Youwen ZHU ¹^,²^,³^,^†
, Jian WANG ¹
, Xingxin LI ⁴

Author information +

History +

PDF (13073KB)

Abstract

Identity-based threshold signature (IDTS) is a forceful primitive to protect identity and data privacy, in which parties can collaboratively sign a given message as a signer without reconstructing a signing key. Nevertheless, most IDTS schemes rely on a trusted key generation center (KGC). Recently, some IDTS schemes can achieve escrow-free security against corrupted KGC, but all of them are vulnerable to denial-of-service attacks in the dishonest majority setting, where cheaters may force the protocol to abort without providing any feedback. In this work, we present a fully decentralized IDTS scheme to resist corrupted KGC and denial-of-service attacks. To this end, we design threshold protocols to achieve distributed key generation, private key extraction, and signing generation which can withstand the collusion between KGCs and signers, and then we propose an identification mechanism that can detect the identity of cheaters during key generation, private key extraction and signing generation. Finally, we formally prove that the proposed scheme is threshold unforgeability against chosen message attacks. The experimental results show that the computation time of both key generation and signing generation is <1 s, and private key extraction is about 3 s, which is practical in the distributed environment.

Graphical abstract

Keywords

threshold signatures / single points of failure / identifiable aborts

Cite this article

Download citation ▾

Yan JIANG, Youwen ZHU, Jian WANG, Xingxin LI. Fully distributed identity-based threshold signatures with identifiable aborts. Front. Comput. Sci., 2023, 17(5): 175813 DOI:10.1007/s11704-022-2370-4

登录浏览全文

4963

注册一个新账户忘记密码

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	Working Group on E-CNY Research and Development of the People’s Bank of China. Progress of research & development of E-CNY in China. See en.wikisource.org/wiki/Progress_on_Research_and_ Development_of_E-CNY_in_China website, 2021

[2]	Nakamoto S. Bitcoin: a peer-to-peer electronic cash system. See bitcoin.org/bitcoin website, 2009

[3]	Mu Y H, Xu H X, Li P L, Ma T J . Secure two-party SM9 signing. Science China Information Sciences, 2020, 63( 8): 189101

[4]	Yin H, Qin Z, Zhang J, Ou L, Li F, Li K . Secure conjunctive multi-keyword ranked search over encrypted cloud data for multiple data owners. Future Generation Computer Systems, 2019, 100: 689–700

[5]	Song F, Qin Z, Liu D, Zhang J, Lin X, Shen X . Privacy-preserving task matching with threshold similarity search via vehicular crowdsourcing. IEEE Transactions on Vehicular Technology, 2021, 70( 7): 7161–7175

[6]	Lindell Y. Fast secure two-party ECDSA signing. In: Proceedings of the 37th Annual International Cryptology Conference. 2017, 613–644

[7]	Ou L, Yin H, Qin Z, Xiao S, Yang G, Hu Y . An efficient and privacy-preserving multiuser cloud-based LBS query scheme. Security and Communication Networks, 2018, 2018: 4724815

[8]	Brandão L T A N, Davidson M, Vassilev A. NIST roadmap toward criteria for threshold schemes for cryptographic primitives. See csrc.nist.gov/publications/detail/nistir/8214a/final website, 2020

[9]	Gennaro R, Jarecki S, Krawczyk H, Rabin T. Robust threshold DSS signatures. In: Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques. 1996, 354–371

[10]	MacKenzie P, Reiter M K. Two-party generation of DSA signatures. In: Proceedings of the 21st Annual International Cryptology Conference. 2001, 137–154

[11]	Kate A, Goldberg I. Distributed private-key generators for identity-based cryptography. In: Proceedings of the 7th International Conference on Security and Cryptography for Networks. 2010, 436–453

[12]	Boneh D, Franklin M. Identity-based encryption from the Weil pairing. In: Proceedings of the 21st Annual International Cryptology Conference. 2001, 213–229

[13]	Gennaro R, Jarecki S, Krawczyk H, Rabin T. Secure distributed key generation for discrete-log based cryptosystems. In: Proceedings of the 17th International Conference on the Theory and Application of Cryptographic Techniques. 1999, 295–310

[14]	Hess F. Efficient identity based signature schemes based on pairings. In: Proceedings of the 9th Annual International Workshop on Selected Areas in Cryptography. 2002, 310–324

[15]	Choon J C, Hee Cheon J. An identity-based signature from gap Diffie-Hellman groups. In: Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography. 2003, 18–30

[16]	Paterson K G, Schuldt J C N. Efficient identity-based signatures secure in the standard model. In: Proceedings of the 11th Australasian Conference on Information Security and Privacy. 2006, 207–222

[17]	Barreto P S L M, Libert B, McCullagh N, Quisquater J J. Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. In: Proceedings of the 11th International Conference on the Theory and Application of Cryptology and Information Security. 2005, 515–532

[18]	Ishai Y, Ostrovsky R, Zikas V. Secure multi-party computation with identifiable abort. In: Proceedings of the 34th Annual Cryptology Conference on Advances in Cryptology. 2014, 369–386

[19]	Baek J, Zheng Y. Identity-based threshold signature scheme from the bilinear pairings. In: Proceedings of International Conference on Information Technology: Coding and Computing. 2004, 124–128

[20]	Chen X, Zhang F, Konidala D M, Kim K. New ID-based threshold signature scheme from bilinear pairings. In: Proceedings of the 5th International Conference on Cryptology in India. 2004, 371–383

[21]	Shao J, Cao Z, Wang L. Efficient ID-based threshold signature schemes without pairings. See eprint.iacr.org website, 2006

[22]	Gao W, Wang G, Wang X, Yang Z . One-round ID-based threshold signature scheme from bilinear pairings. Informatica, 2009, 20( 4): 461–476

[23]	Xiong H, Li F, Qin Z . Provably secure identity based threshold signature withoutrandom oracles. International Journal of Computers and Applications, 2009, 31( 4): 290–295

[24]	Xiong H, Qin Z, Li F . Identity-based threshold signature secure in the standard model. International Journal of Network Security, 2010, 10( 1): 75–80

[25]	Li F, Gao W, Wang G L, Chen K F, Wang X L. Efficient identity-based threshold signature scheme from bilinear pairings in standard model. International Journal of Internet Protocol Technology, 2014, 8(2–3): 2–3

[26]	Zhang Y, He D, Zeadally S, Wang D, Choo K K R . Efficient and provably secure distributed signing protocol for mobile devices in wireless networks. IEEE Internet of Things Journal, 2018, 5( 6): 5271–5280

[27]	He D, Zhang Y, Wang D, Choo K K R . Secure and efficient two-party signing protocol for the identity-based signature scheme in the IEEE P1363 standard for public key cryptography. IEEE Transactions on Dependable and Secure Computing, 2020, 17( 5): 1124–1132

[28]	Feng Q, He D, Wang H, Wang D, Huang X . Multi-party key generation protocol for the identity-based signature scheme in the IEEE P1363 standard for public key cryptography. IET Information Security, 2020, 14( 6): 724–732

[29]	Feng Q, He D, Liu Z, Wang D, Choo K K R . Distributed signing protocol for IEEE P1363-compliant identity-based signature scheme. IET Information Security, 2020, 14( 4): 443–451

[30]	Desmedt Y G . Threshold cryptography. European Transactions on Telecommunications, 1994, 5( 4): 449–458

[31]	Gennaro R, Goldfeder S. One round threshold ECDSA with identifiable abort. See eprint.iacr.org website, 2020

[32]	Canetti R, Gennaro R, Goldfeder S, Makriyannis N, Peled U. UC non-interactive, proactive, threshold ECDSA with identifiable aborts. In: Proceedings of 2020 ACM SIGSAC Conference on Computer and Communications Security. 2020, 1769–1787

[33]	Zhang F, Zhang J . Efficient and information-theoretical secure verifiable secret sharing over bilinear groups. Chinese Journal of Electronics, 2014, 23( 1): 13–17

[34]	Feldman P. A practical scheme for non-interactive verifiable secret sharing. In: Proceedings of the 28th Annual Symposium on Foundations of Computer Science. 1987, 427–438

[35]	Gennaro R, Goldfeder S. Fast multiparty threshold ECDSA with fast trustless setup. In: Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018, 1179–1194

[36]	Paillier P. Public-key cryptosystems based on composite degree residuosity classes. In: Proceedings of International Conference on the Theory and Application of Cryptographic Techniques. 1999, 223–238

[37]	Gennaro R, Goldfeder S, Ithurburn B. Fully distributed group signatures. See orbs.com/white-papers/fully-distributed-group-signatures/ website, 2019

[38]	Fiat A, Shamir A. How to prove yourself: practical solutions to identification and signature problems. In: Proceedings of Annual International Cryptology Conference. 1986, 186–194

[39]	Schnorr C P . Efficient signature generation by smart cards. Journal of Cryptology, 1991, 4( 3): 161–174

[40]	Goldberg S, Reyzin L, Sagga O, Baldimtsi F. Efficient noninteractive certification of RSA moduli and beyond. In: Proceedings of the 25th International Conference on the Theory and Application of Cryptology and Information Security. 2019, 700–727

[41]	Lindell Y, Nof A. Fast secure multiparty ECDSA with practical distributed key generation and applications to cryptocurrency custody. In: Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018, 1837–1854

[42]	Castagnos G, Catalano D, Laguillaumie F, Savasta F, Tucker I. Bandwidth-efficient threshold EC-DSA revisited: online/offline extensions, identifiable aborts proactive and adaptive security. Theoretical Computer Science, 2022,