Method for secure and resilient distributed generation of elliptic curve digital signature algorithm (ECDSA) based digital signatures with proactive security

摘要

Described is system for generation of elliptic curve digital signature algorithm (ECDSA) based digital signatures. A Secret-Share protocol is initialized between a client and a set of servers to share a set of shares of a private key s among the set of servers. The set of servers initializes a protocol to generate a digital signature on a message using the set of shares of the private key s without reconstructing or revealing the private key s. The set of servers periodically initializes a Secret-Redistribute protocol on each share of the private key s to re-randomize the set of shares. A Secret-Open protocol is initialized to reveal the private key s to an intended recipient, wherein the private key s is used to compute the digital signature.

主权项

1. A system for generation of elliptic curve digital signature algorithm (ECDSA) based digital signatures, the system comprising:
one or more processors and a non-transitory computer-readable medium having executable instructions encoded thereon such that when executed, the one or more processors perform operations of:
initializing a Secret-Share protocol between a client C and a set of n servers, wherein the client C shares a set of shares of a private key s among the set of n servers;initializing, by the set of n servers, a protocol to generate a digital signature on a message m using the set of shares of the private key s without reconstructing or revealing the private key s;periodically initializing, by the set of n servers, a Secret-Redistribute protocol on each share of the private key s to re-randomize the set of shares; andwherein a threshold t of up to n/2 of the set of n servers can be completely corrupted or compromised by an active adversary while the confidentiality of the private key s and correctness of the digital signature remain uncompromised.