„ROAST: Robust Asynchronous Schnorr Threshold Signatures“ erscheint auf ACM CCS 2022

Symbolbild zum Artikel. Der Link öffnet das Bild in einer großen Anzeige.

Das Paper „ROAST: Robust Asynchronous Schnorr Threshold Signatures“ von Tim Ruffing, Viktoria Ronge, Elliott Jin, Jonas Schneider-Bensch und Dominique Schröder erscheint auf der ACM Conference on Computer and Communications Security 2022.

Unten stehend finden Sie die Kurzfassung des Papers in englischer Sprache.

Bitcoin and other cryptocurrencies have recently introduced support for Schnorr signatures whose cleaner algebraic structure, as compared to ECDSA, allows for simpler and more practical constructions of highly demanded „t-of-n“ threshold signatures. However, existing Schnorr threshold signature schemes (like their ECDSA counterparts) still fall short of the needs of real-world applications due to their assumption that the network is synchronous and due to their lack of robustness, i.e., the guarantee that t honest signers are able to obtain a valid signature even in the presence of other malicious signers who try to disrupt the protocol. This hinders the adoption of threshold signatures in the cryptocurrency ecosystem, e.g., in second-layer protocols built on top of cryptocurrencies. In this work, we propose ROAST, a simple wrapper that turns a given threshold signature scheme into a scheme with a robust and asynchronous signing protocol, as long as the underlying signing protocol is semi-interactive (i.e., has one preprocessing round and one actual signing round), provides identifiable aborts, and is unforgeable under concurrent signing sessions. When applied to the state-of-the-art Schnorr threshold signature scheme FROST, which fulfills these requirements, we obtain a simple, efficient, and highly practical Schnorr threshold signature scheme.