Authors: Qi Feng, Kang Yang, Mimi Ma, and Debiao He

 

Title: Efficient Multi-Party EdDSA Signature with Identifiable Aborts and its Applications to Blockchain

 

Journal: Transactions on Information Forensics and Security

 

Abstract: The security of secret keys for blockchain-based applications is increasingly important, partly because that the theft of secret keys will render a significantly financial loss. To guarantee the security of secret keys, many multi-party signature protocols have been proposed. However, few of them are designed for EdDSA-based blockchain that is developing in growth. The folklore and the NIST document for standardizing threshold schemes believe that a distributed hash evaluation is required to design multi-party EdDSA protocols, which leads to a relatively large overhead. In this paper, we present two practical multi-party EdDSA protocols for semi-honest and malicious settings. Our maliciously secure protocol eliminates the distributed hashing by securely realizing a weaker functionality, which is enough for EdDSA-based blockchain. Furthermore, we extend the malicious protocol to resist DoS attack by identifying corrupted parties in case of execution aborts. We implemented our EdDSA protocols for 2–5 parties using Alibaba cloud servers with all instances of type ecs.t5-c1m2.large. Our protocol in the malicious setting takes 1.51–15.3 ms between 2 parties and 5 parties, and is two orders of magnitude faster than the recent threshold EdDSA protocol. These properties (efficient, identifiable abort, high-compatibility) make the two protocols ideal for threshold wallets for EdDSA-based cryptocurrency.