Welcome to the resource topic for 2025/2134
Title:
Non-Interactive Threshold Mercurial Signatures with Applications to Threshold DAC
Authors: Scott Griffy, Nicholas Jankovic, Anna Lysyanskaya, Arup Mondal
Abstract:In a mercurial signature, a signer signs a representative m of an equivalence class of messages on behalf of a representative \mathsf{pk} of an equivalence class of public keys, receiving the signature \sigma. One can then transform \sigma into a signature \sigma' on an equivalent (to m) message m' under an equivalent (to \mathsf{pk}) public key \mathsf{pk}'. Mercurial signatures are helpful in constructing delegatable anonymous credentials: their privacy properties enable straightforward randomization of a credential chain, hiding the identity of each signer while preserving the authenticity of the overall credential.
Unfortunately, without trusted setup, known constructions of mercurial signatures satisfy only a weak form of this privacy property. Specifically, an adversary who is responsible for a link in a delegation chain—and thus knows its corresponding secret key—will be able to recognize this link even after the chain has been randomized.
To address this issue, Abe et al. (Asiacrypt 2024) proposed (interactive) threshold mercurial signatures (TMS), which remove the reliance on a single trusted signer by distributing the signing capability among multiple parties, none of whom knows the signing key. However, this contribution was far from practical, as it required the signers to interact with each other during the signing process.
In this work, we define and realize non-interactive TMS, where each participant non-interactively computes its contribution to the threshold mercurial signature. Our construction also substantially reduces the overall communication complexity. It uses the mercurial signature scheme of Mir et al. (CCS 2023) as a starting point. Further, we introduce threshold delegatable anonymous credentials (TDAC) and use a non-interactive TMS to construct them.
ePrint: https://eprint.iacr.org/2025/2134
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .