Two-Round Threshold Signatures with FROST
draft-irtf-cfrg-frost-01
| Document | Type | Expired Internet-Draft (cfrg RG) | |
|---|---|---|---|
| Authors | Chelsea Komlo , Ian Goldberg , T Wilson-Brown | ||
| Last updated | 2022-02-12 (Latest revision 2021-08-11) | ||
| Stream | Internet Research Task Force (IRTF) | ||
| Formats |
Expired & archived
plain text
htmlized
pdfized
bibtex
|
||
| Stream | IRTF state | Active RG Document | |
| Consensus boilerplate | Unknown | ||
| Document shepherd | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-01.txt
Abstract
In this draft, we present a two-round signing variant of FROST, a Flexible Round-Optimized Schnorr Threshold signature scheme. FROST signatures can be issued after a threshold number of entities cooperate to issue a signature, allowing for improved distribution of trust and redundancy with respect to a secret key. Further, this draft specifies signatures that are compatible with EdDSA verification of signatures. However, this draft does not generate deterministic nonces as defined by EdDSA, to ensure protection against a key-recovery attack that is possible when even only one participant is malicious.
Authors
Chelsea Komlo
Ian Goldberg
T Wilson-Brown
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)