[Resource Topic] 2020/449: Switched Threshold Signatures from K-Private PolyShamir Secret Sharing

Welcome to the resource topic for 2020/449

Switched Threshold Signatures from K-Private PolyShamir Secret Sharing

Authors: Kristian L. McDonald


Variant secret sharing schemes deriving from Shamir’s threshold secret sharing protocol are presented. Results include multi-secret sharing protocols using shares with O(1) elements, independent of the number of secrets. The new schemes achieve a weaker notion of security (they’re secure rather than strongly secure) but maintain a property called K-privacy (inspired by k-anonymity). K-privacy ensures that all secrets remain private with respect to a subset of the secret space, though the particular subset providing privacy may vary among adversaries that acquire distinct sub-threshold sets of shares. Depending on the number of secrets and the protocol details, secure K-private multi-secret sharing schemes may be almost'' strongly secure or may remain merely secure and $K$-private - a difference captured by the notion of $K$-security. Novel applications of the multi-secret sharing schemes are presented, realising a primitive called a switched threshold signature. Switched threshold signatures have the quirky property that aggregating a threshold number of signatures of one type (e.g. Pointcheval-Sanders signatures) switches’’ the signatures into a master signature of a different type. Collectively these results may permit efficiencies within, e.g., threshold credential issuance protocols.

ePrint: https://eprint.iacr.org/2020/449

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .