File Download
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1007/978-3-030-75245-3_18
- Scopus: eid_2-s2.0-85106422938
Supplementary
-
Citations:
- Scopus: 0
- Appears in Collections:
Conference Paper: Compact Zero-Knowledge Proofs for Threshold ECDSA with Trustless Setup
| Title | Compact Zero-Knowledge Proofs for Threshold ECDSA with Trustless Setup |
|---|---|
| Authors | |
| Keywords | Threshold signature ECDSA Zero-knowledge proof |
| Issue Date | 2021 |
| Publisher | Springer. |
| Citation | Yuen, TH ; Cui, H & Xie, X. Compact Zero-Knowledge Proofs for Threshold ECDSA with Trustless Setup. In: Garay, JA (ed.) Public-Key Cryptography (PKC 2021): The 24th IACR International Conference on Practice and Theory of Public-Key Cryptography, Virtual Conference, 10-13 May 2021. Proceedings, Part 1, p. 481-511. Cham: Springer, 2021 How to Cite? |
| Abstract | Threshold ECDSA signatures provide a higher level of security to a crypto wallet since it requires more than t parties out of n parties to sign a transaction. The state-of-the-art bandwidth efficient threshold ECDSA used the additive homomorphic Castagnos and Laguillaumie (CL) encryption based on an unknown order group G, together with a number of zero-knowledge proofs in G. In this paper, we propose compact zero-knowledge proofs for threshold ECDSA to lower the communication bandwidth, as well as the computation cost. The proposed zero-knowledge proofs include the discrete-logarithm relation in G and the well-formedness of a CL ciphertext.
When applied to two-party ECDSA, we can lower the bandwidth of the key generation algorithm by 47%, and the running time for the key generation and signing algorithms are boosted by about 35% and 104% respectively. When applied to threshold ECDSA, our first scheme is more optimized for the key generation algorithm (about 70% lower bandwidth and 85% faster computation in key generation, at a cost of 20% larger bandwidth in signing), while our second scheme has an all-rounded performance improvement (about 60% lower bandwidth, 46% faster computation in key generation without additional cost in signing). |
| Persistent Identifier | http://hdl.handle.net/10722/304338 |
| ISBN | |
| Series/Report no. | Lecture Notes in Computer Science (LNCS) ; v. 12710 |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Yuen, TH | - |
| dc.contributor.author | Cui, H | - |
| dc.contributor.author | Xie, X | - |
| dc.date.accessioned | 2021-09-23T08:58:39Z | - |
| dc.date.available | 2021-09-23T08:58:39Z | - |
| dc.date.issued | 2021 | - |
| dc.identifier.citation | Yuen, TH ; Cui, H & Xie, X. Compact Zero-Knowledge Proofs for Threshold ECDSA with Trustless Setup. In: Garay, JA (ed.) Public-Key Cryptography (PKC 2021): The 24th IACR International Conference on Practice and Theory of Public-Key Cryptography, Virtual Conference, 10-13 May 2021. Proceedings, Part 1, p. 481-511. Cham: Springer, 2021 | - |
| dc.identifier.isbn | 9783030752446 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/304338 | - |
| dc.description.abstract | Threshold ECDSA signatures provide a higher level of security to a crypto wallet since it requires more than t parties out of n parties to sign a transaction. The state-of-the-art bandwidth efficient threshold ECDSA used the additive homomorphic Castagnos and Laguillaumie (CL) encryption based on an unknown order group G, together with a number of zero-knowledge proofs in G. In this paper, we propose compact zero-knowledge proofs for threshold ECDSA to lower the communication bandwidth, as well as the computation cost. The proposed zero-knowledge proofs include the discrete-logarithm relation in G and the well-formedness of a CL ciphertext. When applied to two-party ECDSA, we can lower the bandwidth of the key generation algorithm by 47%, and the running time for the key generation and signing algorithms are boosted by about 35% and 104% respectively. When applied to threshold ECDSA, our first scheme is more optimized for the key generation algorithm (about 70% lower bandwidth and 85% faster computation in key generation, at a cost of 20% larger bandwidth in signing), while our second scheme has an all-rounded performance improvement (about 60% lower bandwidth, 46% faster computation in key generation without additional cost in signing). | - |
| dc.language | eng | - |
| dc.publisher | Springer. | - |
| dc.relation.ispartof | PKC 2021: Public-Key Cryptography | - |
| dc.relation.ispartofseries | Lecture Notes in Computer Science (LNCS) ; v. 12710 | - |
| dc.rights | This version of the article has been accepted for publication, after peer review (when applicable) and is subject to Springer Nature’s AM terms of use, but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: https://doi.org/10.1007/978-3-030-75245-3_18 | - |
| dc.subject | Threshold signature | - |
| dc.subject | ECDSA | - |
| dc.subject | Zero-knowledge proof | - |
| dc.title | Compact Zero-Knowledge Proofs for Threshold ECDSA with Trustless Setup | - |
| dc.type | Conference_Paper | - |
| dc.identifier.email | Yuen, TH: johnyuen@hku.hk | - |
| dc.identifier.authority | Yuen, TH=rp02426 | - |
| dc.description.nature | postprint | - |
| dc.identifier.doi | 10.1007/978-3-030-75245-3_18 | - |
| dc.identifier.scopus | eid_2-s2.0-85106422938 | - |
| dc.identifier.hkuros | 325049 | - |
| dc.identifier.spage | 481 | - |
| dc.identifier.epage | 511 | - |
| dc.publisher.place | Cham | - |
| dc.identifier.eisbn | 9783030752453 | - |