Threshold signatures improve both availability and security of digital signatures by splitting the signing key into \(N\) shares handed out to different parties. Later on, any subset of at least \(T\) parties can cooperate to produce a signature on a given message. While threshold signatures have been extensively studied in the pre-quantum setting, they remain sparse from quantum-resilient assumptions.
In this work, we show that the Raccoon signature scheme can be easily thresholdized. More precisely, we present Threshold Raccoon, a threshold signature that is very close to Raccoon. Our scheme has signature size 13 KiB and communication cost 40 KiB per user, supporting a threshold size as large as 1024 signers.
All operations used during signing are due to symmetric primitives and simple lattice operations; in particular our scheme does not need heavy tools such as threshold fully homomorphic encryption or homomorphic trapdoor commitments as in prior constructions. Our key technical idea is to use one-time additive masks to mitigate the leakage of the partial signing keys through partial signatures.
5th PQC Standardization Conference (2024) [in-person]
Fifth PQC Standardization Conference
Starts: April 10, 2024The NIST PQC conference will be held at the: Hilton Washington DC/Rockville Hotel 1750 Rockville Pike Rockville, MD 20852
Security and Privacy: post-quantum cryptography