PDF
(427KB)
Abstract
Threshold signature, as a privacy-preserving distributed signature, has become the underlying technology in various fields over the last decade. It is useful to protect against a single point of failure and can effectively ensure key security. In recent years, many different digital signatures have been thresholded and many new techniques, algorithms, and protocols have been proposed. This paper introduces the mainstream threshold signature schemes based on the signatures by several standards. We comprehensively investigate various aspects of these threshold signature schemes for comparison and evaluation, and provide the relevant applications and more potential directions for threshold signature.
Graphical abstract
Keywords
threshold digital signature
/
key protection
/
secure multi-party computation
Cite this article
Download citation ▾
Yu PENG, Qi FENG, De-Biao HE, Min LUO.
A survey on threshold digital signature schemes.
Front. Comput. Sci., 2026, 20(4): 2004806 DOI:10.1007/s11704-025-41297-1
| [1] |
Desmedt Y, Frankel Y. Shared generation of authenticators and signatures. In: Annual International Cryptology Conference. Berlin: Springer, 1991, 457−469
|
| [2] |
Desmedt Y. Threshold cryptosystems. In: Proceedings of Workshop on the Theory and Application of Cryptographic Techniques. 1993, 1−14
|
| [3] |
Brandão L T A N, Peralta R. Nist first call for multi-party threshold schemes. Gaithersburg: NIST, 2025
|
| [4] |
Ergezer S, Kinkelin H, Rezabek F. A survey on threshold signature schemes. Network, See net.in.tum.de/fileadmin/TUM/NET/NET-2020-11-1/NET-2020-11-1_10.pdf website, 2020, 49−53
|
| [5] |
Aumasson J P, Hamelink A, Shlomovits O. A survey of ECDSA threshold signing. IACR Cryptology ePrint Archive, 2020: 1390. See eprint.iacr.org/2020/1390 website, 2020
|
| [6] |
Sedghighadikolaei K, Yavuz A A. A comprehensive survey of threshold signatures: NIST standards, post-quantum cryptography, exotic techniques, and real-world applications. 2024, arXiv preprint arXiv: 2311.05514
|
| [7] |
Jing J W, Zhang S C, Wang P J . Threshold cryptography technology and standardization process. Journal of Cryptologic Research, 2024, 11( 1): 227–254
|
| [8] |
ISO. ISO/IEC 14888−3 It security techniques - digital signatures with appendix - Part 3: discrete logarithm based mechanisms. Vernier: International Organization for Standardization, 2018
|
| [9] |
Yao A C. Protocols for secure computations. In: Proceedings of the 23rd Annual Symposium on Foundations of Computer Science. 1982, 160−164
|
| [10] |
Tong Y, Feng Q, Luo M, He D . Multi-party privacy-preserving decision tree training with a privileged party. Science China Information Sciences, 2024, 67( 8): 182303
|
| [11] |
Feng D, Yang K . Concretely efficient secure multi-party computation protocols: survey and more. Security and Safety, 2022, 1: 2021001
|
| [12] |
Saleem H, Ziashahabi A, Naveed M, Avestimehr S. Hawk: accurate and fast privacy-preserving machine learning using secure lookup table computation. 2024, arXiv preprint arXiv: 2403.17296
|
| [13] |
Hao M, Liu W, Peng L, Li H, Zhang C, Chen H, Zhang T. Unbalanced Circuit-PSI from oblivious Key-Value retrieval. In: Proceedings of the 33rd USENIX Security Symposium. 2024, 6435−6451
|
| [14] |
Shamir A . How to share a secret. Communications of the ACM, 1979, 22( 11): 612–613
|
| [15] |
Blakley G R. Safeguarding cryptographic keys. In: Proceedings of 1979 International Workshop on Managing Requirements Knowledge. 1979, 313−318
|
| [16] |
Chor B, Goldwasser S, Micali S, Awerbuch B. Verifiable secret sharing and achieving simultaneity in the presence of faults. In: Proceedings of the 26th Annual Symposium on Foundations of Computer Science. 1985, 383−395
|
| [17] |
Feldman P. A practical scheme for non-interactive verifiable secret sharing. In: Proceedings of the 28th Annual Symposium on Foundations of Computer Science. 1987, 427−438
|
| [18] |
Pedersen T P. Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum J, ed. Advances in Cryptology — CRYPTO ’91. Berlin: Springer, 1992, 129−140
|
| [19] |
Stadler M. Publicly verifiable secret sharing. In: Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques. 1996, 190−199
|
| [20] |
Cachin C, Kursawe K, Lysyanskaya A, Strobl R. Asynchronous verifiable secret sharing and proactive cryptosystems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security. 2002, 88−97
|
| [21] |
Ostrovsky R, Yung M. How to withstand mobile virus attacks (extended abstract). In: Proceedings of the 10th Annual ACM Symposium on Principles of Distributed Computing. 1991, 51−59
|
| [22] |
Rivest R L, Adleman L, Deaouzos M L. On data banks and privacy homomorphism. In: DeMillo R A, ed. Foundations of Secure Computation. New York: Academic Press, 1978, 169−180
|
| [23] |
Gentry C. Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing. 2009, 169−178
|
| [24] |
Fan J, Vercauteren F. Somewhat practical fully homomorphic encryption. IACR Cryptology ePrint Archive, 2012: 144. See eprint.iacr.org/2012/144 website, 2012
|
| [25] |
Gentry C, Sahai A, Waters B. Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Proceedings of the 33rd Annual Cryptology Conference. 2013, 75−92
|
| [26] |
Cheon J H, Kim A, Kim M, Song Y. Homomorphic encryption for arithmetic of approximate numbers. In: Proceedings of the 23rd International Conference on the Theory and Applications of Cryptology and Information Security. 2017, 409−437
|
| [27] |
Rabin M O. How to exchange secrets with oblivious transfer. IACR Cryptology ePrint Archive, 2005: 187. Cambridge: Harvard University Technical Report 81,2005
|
| [28] |
Even S, Goldreich O, Lempel A . A randomized protocol for signing contracts. Communications of the ACM, 1985, 28( 6): 637–647
|
| [29] |
Brassard G, Crepeau C, Robert J M. All-or-nothing disclosure of secrets. In: Odlyzko A M, ed. Advances in Cryptology - CRYPTO ’86. Berlin: Springer, 1987, 234−238
|
| [30] |
Beaver D. Precomputing oblivious transfer. In: Proceedings of the 15th Annual International Cryptology Conference. 1995, 97−109
|
| [31] |
Beaver D. Correlated pseudorandomness and the complexity of private computations. In: Proceedings of the 28th Annual ACM Symposium on Theory of Computing. 1996, 479−488
|
| [32] |
Gennaro R, Jarecki S, Krawczyk H, Rabin T. Robust threshold DSS signatures. In: Proceedings of International Conference on the Theory and Application of Cryptographic Techniques Saragossa. 1996, 354−371
|
| [33] |
Schnorr C P. Efficient identification and signatures for smart cards. In: Brassard G, ed. Advances in Cryptology - CRYPTO ’89. New York: Springer, 1990, 239–252
|
| [34] |
Stinson D R, Strobl R. Provably secure distributed Schnorr signatures and a (t, n) threshold scheme for implicit certificates. In: Proceedings of the 6th Australasian Conference on Information Security and Privacy. 2001, 417−434
|
| [35] |
Gennaro R, Jarecki S, Krawczyk H, Rabin T. Secure distributed key generation for discrete-log based cryptosystems. In: Proceedings of the 17th International Conference on Theory and Application of Cryptographic Techniques. 1999, 295−310
|
| [36] |
Gennaro R, Jarecki S, Krawczyk H, Rabin T. Secure applications of Pedersen’s distributed key generation protocol. In: Proceedings of Cryptographers’ Track at the RSA Conference 2003. 2003, 373−390
|
| [37] |
Pedersen T P. A threshold cryptosystem without a trusted party. In: Proceedings of Workshop on the Theory and Application of Cryptographic Techniques. 1991, 522−526
|
| [38] |
Komlo C, Goldberg I. FROST: flexible round-optimized Schnorr threshold signatures. In: Proceedings of the 27th International Conference on Selected Areas in Cryptography. 2021, 34−65
|
| [39] |
Joshi S, Pandey D, Srinathan K. ATSSIA: asynchronous truly-threshold Schnorr signing for inconsistent availability. In: Proceedings of 24th International Conference on Information Security and Cryptology. 2021, 71−91
|
| [40] |
Ruffing T, Ronge V, Jin E, Schneider-Bensch J, Schroder D. ROAST: robust asynchronous Schnorr threshold signatures. In: Proceedings of 2022 ACM SIGSAC Conference on Computer and Communications Security. 2022, 2551−2564
|
| [41] |
González A, Ratoanina H, Salen R, Sharifian S, Soukharev V. Identifiable cheating entity flexible round-optimized Schnorr threshold (ICE FROST) signature protocol. IACR Cryptology ePrint Archive, 2021: 1658. See eprint.iacr.org/2021/1658 website, 2021
|
| [42] |
Benhamouda F, Halevi S, Krawczyk H, Ma Y, Rabin T. SPRINT: high-throughput robust distributed Schnorr signatures. In: Proceedings of the 43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2024, 62−91
|
| [43] |
Patra A, Choudhary A, Rangan C P. Efficient statistical asynchronous verifiable secret sharing with optimal resilience. In: Proceedings of the 4th International Conference on Information-Theoretic Cryptography. 2010, 74−92
|
| [44] |
Franklin M, Yung M. Communication complexity of secure computation (extended abstract). In: Proceedings of the 24th Annual ACM Symposium on Theory of Computing. 1992, 699−710
|
| [45] |
Hirt M, Nielsen J B. Robust multiparty computation with linear communication complexity. In: Proceedings of the 26th Annual International Cryptology Conference. 2006, 463−482
|
| [46] |
Shoup V. The many faces of schnorr. IACR Communications in Cryptology, 2023
|
| [47] |
Groth J, Shoup V. Fast batched asynchronous distributed key generation. In: Proceedings of the 43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2024, 370−400
|
| [48] |
Shoup V, Smart N P . Lightweight asynchronous verifiable secret sharing with optimal resilience. Journal of Cryptology, 2024, 37( 3): 27
|
| [49] |
Bellare M, Boldyreva A, Staddon J. Randomness re-use in multi-recipient encryption schemeas. In: Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography. 2002, 85−99
|
| [50] |
Drijvers M, Edalatnejad K, Ford B, Kiltz E, Loss J, Neven G, Stepanovs I. On the security of two-round multi-signatures. In: Proceedings of 2019 IEEE Symposium on Security and Privacy. 2019, 1084−1101
|
| [51] |
Bellare M, Crites E, Komlo C, Maller M, Tessaro S, Zhu C. Better than advertised security for non-interactive threshold signatures. In: Proceedings of the 42nd Annual International Cryptology Conference. 2022, 517−550
|
| [52] |
Bellare M, Tessaro S, Zhu C. Stronger security for non-interactive threshold signatures: BLS and FROST. IACR Cryptology ePrint Archive, 2022:833. See eprint.iacr.org/2022/833 website, 2022
|
| [53] |
Bauer B, Fuchsbauer G, Plouviez A. The one-more discrete logarithm assumption in the generic group model. In: Proceedings of the 27th International Conference on the Theory and Application of Cryptology and Information Security. 2021, 587−617
|
| [54] |
Lindell Y. Simple three-round multiparty Schnorr signing with full simulatability. IACR Communications in Cryptology, 2022
|
| [55] |
Crites E, Komlo C, Maller M. Fully adaptive Schnorr threshold signatures. In: Proceedings of the 43rd Annual International Cryptology Conference. 2023, 678−709
|
| [56] |
Nick J, Ruffing T, Seurin Y. MuSig2: simple two-round Schnorr multi-signatures. In: Proceedings of the 41st Annual International Cryptology Conference. 2021, 189−221
|
| [57] |
Bacho R, Loss J, Stern G, Wagner B. HARTS: high-threshold, adaptively secure, and robust threshold Schnorr signatures. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security. 2024, 104−140
|
| [58] |
Abraham I, Jovanovic P, Maller M, Meiklejohn S, Stern G. Bingo: adaptivity and asynchrony in verifiable secret sharing and distributed key generation. In: Proceedings of the 43rd Annual International Cryptology Conference. 2023, 39−70
|
| [59] |
Bacho R, Loss J, Tessaro S, Wagner B, Zhu C. Twinkle: threshold signatures from DDH with full adaptive security. In: Proceedings of the 43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2024, 429−459
|
| [60] |
Garillot F, Kondi Y, Mohassel P, Nikolaenko V. Threshold Schnorr with stateless deterministic signing from standard assumptions. In: Proceedings of the 41st Annual International Cryptology Conference. 2021, 127−156
|
| [61] |
Jawurek M, Kerschbaum F, Orlandi C. Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently. In: Proceedings of 2013 ACM SIGSAC Conference on Computer & Communications Security. 2013, 955−966
|
| [62] |
Bonte C, Smart N P, Tanguy T . Thresholdizing hashEdDSA: MPC to the rescue. International Journal of Information Security, 2021, 20( 6): 879–894
|
| [63] |
Kondi Y, Orlandi C, Roy L. Two-round stateless deterministic two-party Schnorr signatures from pseudorandom correlation functions. In: Proceedings of the 43rd Annual International Cryptology Conference. 2023, 646−677
|
| [64] |
Roy L. SoftspokenOT: communication-computation tradeoffs in OT extension. IACR Cryptology ePrint Archive, 2022: 192. See eprint.iacr.org/2022/192 website, 2022
|
| [65] |
Aumann Y, Lindell Y . Security against covert adversaries: efficient protocols for realistic adversaries. Journal of Cryptology, 2010, 23( 2): 281–343
|
| [66] |
Orlandi C, Scholl P, Yakoubov S. The rise of paillier: homomorphic secret sharing and public-key silent OT. In: Proceedings of the 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2021, 678−708
|
| [67] |
Boneh D, Komlo C. Threshold signatures with private accountability. In: Proceedings of the 42nd Annual International Cryptology Conference. 2022, 551−581
|
| [68] |
Bünz B, Bootle J, Boneh D, Poelstra A, Wuille P, Maxwell G. Bulletproofs: short proofs for confidential transactions and more. In: Proceedings of 2018 IEEE Symposium on Security and Privacy. 2018, 315−334
|
| [69] |
Bootle J, Cerulli A, Chaidos P, Groth J, Petit C. Efficient zero-knowledge arguments for arithmetic circuits in the discrete log setting. In: Proceedings of the 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2016, 327−357
|
| [70] |
Josefsson S, Liusvaara I. Edwards-curve digital signature algorithm (edDSA). See rfc-editor.org/rfc/rfc8032 website, 2017, 1−60
|
| [71] |
Bernstein D J, Duif N, Lange T, Schwabe P, Yang B Y . High-speed high-security signatures. Journal of Cryptographic Engineering, 2012, 2( 2): 77–89
|
| [72] |
Bernstein D J, Josefsson S, Lange T, Schwabe P, Yang B Y . EdDSA for more curves. IACR Cryptology ePrint Archive, 2015, 2015: 677
|
| [73] |
Feng Q, He D, Luo M, Li Z, Choo K K R. Practical secure two-party EdDSA signature generation with key protection and applications in cryptocurrency. In: Proceedings of the 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications. 2020, 137−147
|
| [74] |
Feng Q, Yang K, Zhang K, Wang X, Yu Y, Xie X, He D. Stateless deterministic multi-party EdDSA signatures with low communication. In: Proceedings of IACR International Conference on Public-Key Cryptography, 2025
|
| [75] |
Xie Y, Fan Q, Zhang C, Wu T, Zhou Y, He D, Zhu L . Accountable and secure threshold EdDSA signature and its applications. IEEE Transactions on Information Forensics and Security, 2024, 19: 7033–7046
|
| [76] |
Goldfeder S, Gennaro R, Kalodner H, Bonneau J, Kroll J A, Felten E W, Narayanan A. Securing bitcoin wallets via a new DSA/ECDSA threshold signature scheme. See stevengoldfeder.com/papers/threshold_sigs.pdf, 2015
|
| [77] |
Gennaro R, Goldfeder S, Narayanan A. Threshold-optimal DSA/ECDSA signatures and an application to bitcoin wallet security. In: Proceedings of the 14th International Conference on Applied Cryptography and Network Security. 2016, 156−174
|
| [78] |
Boneh D, Gennaro R, Goldfeder S. Using level-1 homomorphic encryption to improve threshold DSA signatures for bitcoin wallet security. In: Proceedings of the 5th International Conference on Cryptology and Information Security in Latin America. 2019, 352−377
|
| [79] |
Catalano D, Fiore D. Using linearly-homomorphic encryption to evaluate degree-2 functions on encrypted data. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 2015, 1518−1529
|
| [80] |
Castagnos G, Laguillaumie F. Linearly homomorphic encryption from DDH. In: Proceedings of Cryptographer’s Track at the RSA Conference 2015. 2015, 487−505
|
| [81] |
Lindell Y. Fast secure two-party ECDSA signing. In: Proceedings of the 37th Annual International Cryptology Conference. 2017, 613−644
|
| [82] |
Gennaro R, Goldfeder S. Fast multiparty threshold ECDSA with fast trustless setup. In: Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018, 1179−1194
|
| [83] |
Gilboa N. Two party RSA key generation. In: Proceedings of the 19th Annual International Cryptology Conference. 1999, 116−129
|
| [84] |
Gennaro R, Goldfeder S. One round threshold ECDSA with identifiable abort. IACR Cryptology ePrint Archive, 2020: 540. See eprint.iacr.org/2020/540 website, 2020
|
| [85] |
Lindell Y, Nof A. Fast secure multiparty ECDSA with practical distributed key generation and applications to cryptocurrency custody. In: Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018, 1837−1854
|
| [86] |
Castagnos G, Catalano D, Laguillaumie F, Savasta F, Tucker I. Bandwidth-efficient threshold EC-DSA. In: Proceedings of the 23rd IACR International Conference on Public-Key Cryptography. 2020, 266−296
|
| [87] |
Canetti R, Gennaro R, Goldfeder S, Makriyannis N, Peled U. UC non-interactive, proactive, threshold ECDSA with identifiable aborts. In: Proceedings of 2020 ACM SIGSAC Conference on Computer and Communications Security. 2020, 1769−1787
|
| [88] |
Doerner J, Kondi Y, Lee E, Shelat A. Secure two-party threshold ECDSA from ECDSA assumptions. In: Proceedings of 2018 IEEE Symposium on Security and Privacy. 2018, 980−997
|
| [89] |
Doerner J, Kondi Y, Lee E, Shelat A. Threshold ECDSA from ECDSA assumptions: the multiparty case. In: Proceedings of 2019 IEEE Symposium on Security and Privacy. 2019, 1051−1066
|
| [90] |
Doerner J, Kondi Y, Lee E, Shelat A. Threshold ECDSA in three rounds. Cryptology In: Proceedings of 2024 IEEE Symposium on Security and Privacy. 2024, 3053−3071
|
| [91] |
Kondi Y, Magri B, Orlandi C, Shlomovits O. Refresh when you wake up: proactive threshold wallets with offline devices. In: Proceedings of 2021 IEEE Symposium on Security and Privacy. 2021, 608−625
|
| [92] |
Abram D, Nof A, Orlandi C, Scholl P, Shlomovits O. Low-bandwidth threshold ECDSA via pseudorandom correlation generators. In: Proceedings of 2022 IEEE Symposium on Security and Privacy. 2022, 2554−2572
|
| [93] |
Boyle E, Couteau G, Gilboa N, Ishai Y, Kohl L, Scholl P. Efficient pseudorandom correlation generators: silent OT extension and more. In: Proceedings of the 39th Annual International Cryptology Conference. 2019, 489−518
|
| [94] |
Xue H, Au M H, Xie X, Yuen T H, Cui H. Efficient online-friendly two-party ECDSA signature. In: Proceedings of 2021 ACM SIGSAC Conference on Computer and Communications Security. 2021, 558−573
|
| [95] |
Xue H, Au M H, Liu M, Chan K Y, Cui H, Xie X, Yuen T H, Zhang C. Efficient multiplicative-to-additive function from Joye-Libert cryptosystem and its application to threshold ECDSA. In: Proceedings of 2023 ACM SIGSAC Conference on Computer and Communications Security. 2023, 2974−2988
|
| [96] |
Joye M, Libert B. Efficient cryptosystems from 2k-th power residue symbols. In: Proceedings of the 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2013, 76−92
|
| [97] |
Wong H W H, Ma J P K, Yin H H F, Chow S S M. Real threshold ECDSA. In: Proceedings of the 30th Annual Network and Distributed System Security Symposium. 2023
|
| [98] |
Boneh D, Franklin M. Identity-based encryption from the Weil pairing. In: Proceedings of the 21st Annual International Cryptology Conference. 2001, 213−229
|
| [99] |
Galbraith S D, Harrison K, Soldera D. Implementing the Tate pairing. In: Proceedings of the 5th International Algorithmic Number Theory Symposium. 2002, 324−337
|
| [100] |
Scott M. Computing the Tate pairing. In: Proceedings of Cryptographers’ Track at the RSA Conference 2005. 2005, 293−304
|
| [101] |
Arène C, Lange T, Naehrig M, Ritzenthaler C . Faster computation of the Tate pairing. Journal of Number Theory, 2011, 131( 5): 842–857
|
| [102] |
Boldyreva A. Threshold signatures, multisignatures and blind signatures based on the gap-diffie-Hellman-group signature scheme. In: Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography. 2002, 31−46
|
| [103] |
Joux A. A one round protocol for tripartite Diffie–Hellman. In: Proceedings of the 4th International Symposium. 2000, 385−393
|
| [104] |
Bacho R, Loss J. On the adaptive security of the threshold BLS signature scheme. In: Proceedings of 2022 ACM SIGSAC Conference on Computer and Communications Security. 2022, 193−207
|
| [105] |
Tomescu A, Chen R, Zheng Y, Abraham I, Pinkas B, Gueta G G, Devadas S. Towards scalable threshold cryptosystems. In: Proceedings of 2020 IEEE Symposium on Security and Privacy. 2020, 877−893
|
| [106] |
Kate A, Zaverucha G M, Goldberg I. Constant-size commitments to polynomials and their applications. In: Proceedings of the 16th International Conference on the Theory and Application of Cryptology and Information Security. 2010, 177−194
|
| [107] |
Garg S, Jain A, Mukherjee P, Sinha R, Wang M, Zhang Y. hinTS: threshold signatures with silent setup. In: Proceedings of 2024 IEEE Symposium on Security and Privacy. 2024, 3034−3052
|
| [108] |
Gabizon A, Williamson Z J, Ciobotaru O. PLONK: permutations over Lagrange-bases for oecumenical noninteractive arguments of knowledge. IACR Cryptology ePrint Archive, 2019: 953. See eprint.iacr.org/2019/953 website, 2019
|
| [109] |
Ràfols C, Zapico A. An algebraic framework for universal and updatable SNARKs. In: Proceedings of the 41st Annual International Cryptology Conference. 2021, 774−804
|
| [110] |
Das S, Camacho P, Xiang Z, Nieto J, Bünz B, Ren L. Threshold signatures from inner product argument: succinct, weighted, and multi-threshold. In: Proceedings of 2023 ACM SIGSAC Conference on Computer and Communications Security. 2023, 356−370
|
| [111] |
IEEE. 1363.3-2013 IEEE standard for identity-based cryptographic techniques using pairings. Piscataway: IEEE, 2013, 1−151
|
| [112] |
He D, Zhang Y. SM9 digital signature generation method and system: CN107579819B. 2019–11-19
|
| [113] |
He D, Feng Q, Wang J, Zhou X. Method for multi-party combined generation of SM9 digital signature in asymmetric environment: CN109194478B. 2021–12-07
|
| [114] |
He D, Feng Q, Wang J, Lin C, Zhang Y. Method for generating SM9 digital signature through multi-party association under symmetrical environment: CN109660361B. 2020–11-24
|
| [115] |
Mu Y, Xu H, Li P, Ma T . Secure two-party SM9 signing. Science China Information Sciences, 2020, 63( 8): 189101
|
| [116] |
Zhang R, Zou H, Zhang C, Xiao Y, Tao Y. Distributed key generation for SM9-based systems. In: Proceedings of the 16th International Conference on Information Security and Cryptology. 2021, 113−129
|
| [117] |
Feng Q, He D, Liu Z, Wang D, Choo K K R . Distributed signing protocol for IEEE P1363-compliant identity-based signature scheme. IET Information Security, 2020, 14( 4): 443–451
|
| [118] |
He D, Zhang Y, Wang D, Choo K K R . Secure and efficient two-party signing protocol for the identity-based signature scheme in the IEEE P1363 standard for public key cryptography. IEEE Transactions on Dependable and Secure Computing, 2020, 17( 5): 1124–1132
|
| [119] |
Feng Q, He D, Wang H, Wang D, Huang X . Multi-party key generation protocol for the identity-based signature scheme in the IEEE P1363 standard for public key cryptography. IET Information Security, 2020, 14( 6): 724–732
|
| [120] |
Barreto P S L M, Libert B, McCullagh N, Quisquater J J. Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. In: Proceedings of the 11th International Conference on the Theory and Application of Cryptology and Information Security. 2005, 515−532
|
| [121] |
Jiang Y, Zhu Y, Wang J, Li X . Fully distributed identity-based threshold signatures with identifiable aborts. Frontiers of Computer Science, 2023, 17( 5): 175813
|
| [122] |
Jiang Y, Zhu Y, Wang J, Zhang Y. Efficient online and non-interactive threshold signatures with identifiable aborts for identity-based signatures in the IEEE P1363 standard. IACR Cryptology ePrint Archive, 2024: 1333. See eprint.iacr.org/2024/1333 website, 2024
|
| [123] |
Shang M, Ma Y, Lin J Q, Jing J W . A threshold scheme for SM2 elliptic curve cryptographic algorithm. Journal of Cryptologic Research, 2014, 1( 2): 155–166
|
| [124] |
Lin J, Ma Y, Jing J, Wang Q, Lei L, Cai Q, Wang L. Signing and decrypting method and system applied to cloud computing and based on SM2 algorithm: CN104243456A. 2014–12–24
|
| [125] |
Zhang Y, He D, Zhang M, Choo K K R . A provable-secure and practical two-party distributed signing protocol for SM2 signature algorithm. Frontiers of Computer Science, 2020, 14( 3): 143803
|
| [126] |
Su Y X, Tian H B . A two-party SM2 signing protocol and its application. Chinese Journal of Computers, 2020, 43( 4): 701–710
|
| [127] |
Feng Q, He D, Luo M, Li L . Efficient two-party SM2 signing protocol for mobile internet. Journal of Computer Research and Development, 2020, 57( 10): 2136–2146
|
| [128] |
Han G, Bai X, Geng S, Qin B . Efficient two-party SM2 signing protocol based on secret sharing. Journal of Systems Architecture, 2022, 132: 102738
|
| [129] |
Liang H, Chen J . Non-interactive SM2 threshold signature scheme with identifiable abort. Frontiers of Computer Science, 2024, 18( 1): 181802
|
| [130] |
Li S, Yang W, Zhang F, Huang X, Chen R . Practical two-party SM2 signing using multiplicative-to-additive functionality. Computer Standards & Interfaces, 2025, 92: 103928
|
| [131] |
Liu Z Y, Lin J Q. Framework of two-party threshold schemes for SM2 digital signatures. Journal of Software, 2024, doi: 10.13328/j.cnki.jos.006978
|
| [132] |
Chen L, Guo C, Gong B, Waqas M, Deng L, Qin H . A secure cross-domain authentication scheme based on threshold signature for MEC. Journal of Cloud Computing, 2024, 13( 1): 70
|
| [133] |
Yang A, Weng J, Yang K, Huang C, Shen X . Delegating authentication to edge: a decentralized authentication architecture for vehicular networks. IEEE Transactions on Intelligent Transportation Systems, 2022, 23( 2): 1284–1298
|
| [134] |
Dziembowski S, Jarecki S, Kedzior P, Krawczyk H, Ngo C N, Xu J. Password-protected threshold signatures. In: Proceedings of the 30th International Conference on the Theory and Application of Cryptology and Information Security. 2024, 174−206
|
| [135] |
Maxwell G, Poelstra A, Seurin Y, Wuille P . Simple Schnorr multi-signatures with applications to bitcoin. Designs, Codes and Cryptography, 2019, 87( 9): 2139–2164
|
| [136] |
Shi Y, Liang J, Li M, Ma T, Ye G, Li J, Zhao Q. Threshold EdDSA signature for blockchain-based decentralized finance applications. In: Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses. 2022, 129−142
|
| [137] |
Feng Q, Yang K, Ma M, He D . Efficient multi-party EdDSA signature with identifiable aborts and its applications to blockchain. IEEE Transactions on Information Forensics and Security, 2023, 18: 1937–1950
|
| [138] |
Rabin T. A simplified approach to threshold and proactive RSA. In: Proceedings of the 18th Annual International Cryptology Conference. 1998, 89−104
|
| [139] |
Almansa J F, Damgård I, Nielsen J B. Simplified threshold RSA with adaptive and proactive security. In: Proceedings of the 25th International Conference on the Theory and Applications of Cryptographic Techniques. 2006, 593−611
|
| [140] |
Frederiksen T K, Lindell Y, Osheter V, Pinkas B. Fast distributed RSA key generation for semi-honest and malicious adversaries. In: Proceedings of the 38th Annual International Cryptology Conference. 2018, 331−361
|
| [141] |
Tessaro S, Zhu C. Threshold and multi-signature schemes from linear hash functions. In: Proceedings of the 42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2023, 628−658
|
| [142] |
Shor P W . Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Review, 1999, 41( 2): 303–332
|
| [143] |
Fouque P A, Hoffstein J, Kirchner P, Lyubashevsky V, Pornin T, Prest T, Ricosset T, Seiler G, Whyte W, Zhang Z. Falcon: fast-Fourier lattice-based compact signatures over NTRU. Submission to the NIST’s Post-Quantum Cryptography Standardization Process, 2018, 36(5): 1−75
|
| [144] |
Ducas L, Lepoint T, Lyubashevsky V, Schwabe P, Seiler G, Stehle D. CRYSTALS–dilithium: digital signatures from module lattices. IACR Cryptology ePrint Archive, 2017: 633. See eprint.iacr.org/2017/633 website,2017
|
| [145] |
Aumasson J P, Bernstein D J, Beullens W, Dobraunig C, Eichlseder M, Fluhrer S, Gazdag S L, Hülsing A, Kampanakis P, Kölbl S, Lange T, Lauridsen M M, Mendel F, Niederhagen R, Rechberger C, Rijneveld J, Schwabe P, Westerbaan B. SPHINCS+. Submission to the NIST’s Post-Quantum Cryptography Standardization Process, See sphincs.org/data/sphincs+-round3-specification.pdf website, 2020
|
| [146] |
Espitau T, Katsumata S, Takemure K. Two-round threshold signature from algebraic one-more learning with errors. In: Proceedings of the 44th Annual International Cryptology Conference. 2024, 387−424
|
| [147] |
Espitau T, Niot G, Prest T. Flood and submerse: distributed key generation and robust threshold signature from lattices. In: Proceedings of the 44th Annual International Cryptology Conference. 2024, 425−458
|
RIGHTS & PERMISSIONS
The Author(s) 2025. This article is published with open access at link.springer.com and journal.hep.com.cn
