Threshold ECDSA in Excessive Detail
Topics covered in this episode:
4:05 The basic components of a signature.
6:00 A primer on cryptographic groups.
11:52 How ECDSA works.
25:55 Bringing ECDSA to the threshold setting.
29:29 Inversion from multiplication.
31:50 The big approaches to multiply numbers.
33:22 Homomorphic encryption in a nutshell.
40:30 Multiplication via Oblivious Transfer in a nutshell.
48:21 Back of the napkin comparison of the two approaches.
50:19 The difficulty of getting malicious security.
54:00 How to implement homomorphic encryption (and why I don’t like Paillier).
59:40 The Paillier lineage of papers.
[Lindell17] https://eprint.iacr.org/2017/552
[CGGMP] https://eprint.iacr.org/2021/060
1:06:50 The Dörner paper.
[DKLS18] https://eprint.iacr.org/2018/499
[DKLS19] https://eprint.iacr.org/2019/523
1:07:57 Tweaking generic MPC to handle group operations.
Securing DNSSEC Keys via Threshold ECDSA From Generic MPC
1:10:45 Using triples to isolate the complexity into a pre-processing phase.
If you enjoyed this episode, and want to get notified when the next one arrives, feel free to subscribe:
If you want even more updates, feel free to follow me on Twitter.
Threshold ECDSA in Excessive Detail
It's quite interesting but a bit hard not to lose a thread without visualizations.