Threshold ECDSA in Excessive Detail

Topics covered in this episode:

• 4:05 The basic components of a signature.

• 6:00 A primer on cryptographic groups.

• 11:52 How ECDSA works.

• 25:55 Bringing ECDSA to the threshold setting.

• 29:29 Inversion from multiplication.

• 31:50 The big approaches to multiply numbers.

• 33:22 Homomorphic encryption in a nutshell.

• 40:30 Multiplication via Oblivious Transfer in a nutshell.

• 48:21 Back of the napkin comparison of the two approaches.

• 50:19 The difficulty of getting malicious security.

• 54:00 How to implement homomorphic encryption (and why I don’t like Paillier).

• 59:40 The Paillier lineage of papers.

  • [Lindell17] https://eprint.iacr.org/2017/552

  • [GG18] https://eprint.iacr.org/2019/114

  • [GG20] https://eprint.iacr.org/2020/540

  • [CGGMP] https://eprint.iacr.org/2021/060

• 1:06:50 The Dörner paper.

  • [DKLS18] https://eprint.iacr.org/2018/499

  • [DKLS19] https://eprint.iacr.org/2019/523

• 1:07:57 Tweaking generic MPC to handle group operations.

  • Securing DNSSEC Keys via Threshold ECDSA From Generic MPC

    • https://eprint.iacr.org/2019/889

• 1:10:45 Using triples to isolate the complexity into a pre-processing phase.

If you enjoyed this episode, and want to get notified when the next one arrives, feel free to subscribe:

If you want even more updates, feel free to follow me on Twitter.