[Resource Topic] 2025/1964: Generic PVSS Framework with $O(1)$ Complexity Using CCA2-Secure Threshold Encryption

Resource Cryptographic protocols
1

Welcome to the resource topic for 2025/1964

Title:
Generic PVSS Framework with O(1) Complexity Using CCA2-Secure Threshold Encryption

Authors: Liang Zhang, Dongliang Cai, Yiwen Gao, Haibin Kan, Jiheng Zhang, Moti Yung

Abstract:

Existing PVSS schemes suffer from at least O(n) online complexity due to the need to individually encrypt and prove/ verify each of the n shares. In this work, we present a generic framework for constructing PVSS schemes with O(1) complexity for share distribution and (the expected to be repeated numerous times) public verification. Our key insight lies in establishing a novel connection between PVSS and CCA2-Secure threshold encryption (CCATE), which enables public verifiability enforced by Non-Interactive Zero-Knowledge (NIZK) proofs. We show that a CCATE scheme can be generically transformed into a secure PVSS scheme, eliminating the O(n) bottleneck per on-line operations. We instantiate the framework by presenting two CCATE constructions: 1) A pairing-free scheme based on a committee-based Distributed Key Generation (DKG) protocol and Threshold ElGamal encryption. 2) A silent setup scheme leveraging a non-interactive distributed key generation, relying on Power-of-Tau ceremony. Furthermore, we introduce solutions for dynamic membership updates in both DKG constructions, demonstrating their practicality and adaptability for real-world applications. The scheme is based on an off-line setup stage (before a specific value to share is given) where the O(n) complexity is dealt with. Although our schemes incur higher setup costs, they drastically reduce the complexity of the critical distribution and verification stages to constant time. This trade-off marks a significant advancement in the scalability of PVSS-based systems, especially in the context of blockchain modern transactions. Conceptually, the work points out how variants of the notion of Threshold Encryption can potentially serve as a ``compression mechanism’’ for information sharing schemes.

ePrint: https://eprint.iacr.org/2025/1964

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .