The upcoming NIST First Call for Multi-Party Threshold Schemes (see the initial public draft in NIST IR8214C ipd, and received public comments) will solicit public proposals of threshold schemes (multi-party protocols) for various cryptographic primitives. The NIST Workshop on Multi-Party Threshold Schemes (MPTS) 2023 collected further feedback before the final version of the Call.
Threshold Call: NISTIR 8214C ipd (Jan-2023), and received comments (Apr-2023)
MPTS 2023: workshop webpage, and call for presentation abstracts.
The "NIST Threshold Call" will explore techniques of MPC (secure multiparty computation), ZKP (zero-knowledge proofs), and FHE (fully-homomorphic encryption). More details about the public call can be found in the webpage of the NIST Multi-Party Threshold Cryptography (MPTC) project. Within the Call, category Cat2 (for primitives not specified by NIST) brings an opportunity to consider primitives that are not present in current NIST standards. The analysis of submitted schemes will include engagement by the MPTC and the PEC projects. The table below is an adaptation of the Table 2 in draft call (NIST IR8214C ipd).
Subcategory: Type | Example scheme | Example primitive |
---|---|---|
C2.1: Signing | TF succinct & verifiable-deterministic signatures | Sign |
TF-QR signatures | Sign | |
C2.2: PKE | TF-QR public-key encryption (PKE) | Decrypt; encrypt (a secret value) |
C2.3: KA | Low-round multi-party key-agreement (KA) | Single-party primitives |
C2.4: Symmetric | TF PRP (e.g., blockcipher) or PRF (e.g., for MAC or key-derivation) | Encipher, decipher, MAC |
Hash or XOF | Hash function, XOF | |
C2.5: Keygen | Any of the above or below | Keygen |
C2.6: FHE | QR Fully-homomorphic encryption (FHE) | Decryption; keygens |
C2.7: ZKPoK | ZKPoK of private key | ZKPoK.Generate |
C2.8: Gadgets | Garbled circuit (GC) | GC.generate; GC.evaluate |
TF-QR is a desired combination for any type of scheme; some examples show just TF to convey that it is welcome even if not QR.
Legend: 2KE = pair-wise key-establishment; Keygen = key-generation; PKE = Public-key encryption; PRF = pseudorandom function (family); PRP = pseudorandom permutation (family); QR = quantum resistant; TF = threshold friendly; ZKPoK = Zero-knowledge proof of knowledge.
Note: the initial public draft had "C2.6 = Advanced" (inc. FHE, IBE and ABE), but the 2pd will narrow it down to just FHE.
There is also a category Cat1 for threshold schemes for NIST specified primitives. The upcoming revision of NISTIR 8214C ipd will include in subcategory C1.1 and C.1.2 some primitives of the schemes selected by the NIST-PQC project in 2022.
Security and Privacy: cryptography, privacy