U.S. flag   An official website of the United States government

NIST Workshop on Multi-Party Threshold Schemes 2020

The videos of the presentations will be made available soon.

Quick Links


The MPTS2020 workshop is intended as an informal consultation step about the development of criteria for evaluating multi-party threshold schemes for the cryptographic primitives identified in NISTIR 8214A. The organizers are asking the community of stakeholders to participate by providing examples, suggestions and recommendations for the multi-party track of the standardization process considered by the NIST Threshold Cryptography (TC) project. The collected feedback will be taken into consideration in the development process.

  • What: NIST workshop on multi-party threshold schemes.
  • Goal: Collect feedback for the multi-party track of the TC project.
  • How: Invited talks (~20 min each) + Q&A; and submitted briefs (~5 min).
  • Logistics: Participation by video-conference; free attendance based on early registration.
  • When: November 4--6 (9:30am -- 13:00+).

Primitives (see NISTIR 8214A, Section 4.1): 1. RSA signing; 2. RSA decryption; 3. RSA key generation; 4. EdDSA signing; 5. ECDSA signing; 6. ECC-CDH primitive; 7. Keygen for ECC; 8. AES enciphering/deciphering

Some related topics (see NISTIR 8214A, Section 5): 1. Configurability (threshold numbers, ...); 2. Practical feasibility; 3. Security models; 4. Security properties; 5. Gadgets and modularity; 6. Validation suitability.

The Threshold Cryptography (TC) project at the National Institute of Standards and Technology (NIST) is exploring the potential for standardization of threshold schemes for cryptographic primitives. The goal of the multi-party track (see NISTIR 8214A) is to enable the distributed execution of key-based primitives when the keys are secret-shared across multiple parties. By applying a threshold scheme, the confidentiality of the original key is preserved even if some threshold number of parties are compromised. A threshold property can also extend to other security aspects,such as integrity and availability of the operation.

The current focus of the project is on devising criteria for evaluation of threshold schemes that may be proposed in the future for consideration in the TC multi-party track. To develop such criteria, it is essential to obtain meaningful and timely feedback from expert stakeholders. The NIST Workshop on Multi-Party Threshold Schemes (MPTS 2020) is organized as a step to enable the organizers to collect useful feedback from the community. The organizers ask the community to aim at recommendations that promote security, practicality and interoperability, under the umbrella of improving best practices and fostering innovation, within the scope of standardization.

Workshop structure. MPTS 2020 will be a virtual workshop. The presentations and comments will be recorded and made publicly available after the event. The workshop will last three days,with up to four hours per day. The program will be based on two types of contributions:

  • Talks: Invited talks (~20 min talk + ~5 min Q&A), focused on recommendations for criteria for threshold schemes or their elements (e.g., gadgets); each talk is followed by a short period of moderated comments and Q&A.
  • Briefs: Short talks (up to 5 min each), related to the goal of the workshop (requires submitting a title and short description).

We invite the community of stakeholders to participate in the workshop and share their views on threshold schemes for the multi-party track of NISTIR 8214A, and give recommendations on criteria for their standardization. We will publish the collected feedback after the workshop.

Content scope. This workshop and the multi-party track of the TC project cover the cryptographic primitives highlighted in Section 4.1 of NISTIR 8214A. The organizers are interested in characterizing potential threshold schemes with respect to the features in Section 5 of NISTIR 81214A. See also the Sections 2.3--2.5, 6.1 and 7.2.

Disclaimer (standards). The use of the words "standards" and "standardization" in the TC project does not imply a goal of producing new Federal Information Processing Standards (FIPS) publications. For example, the final products may include Recommendations or implementation guidelines to be incorporated in other documentation, such as (but not necessarily) Special Publications in Computer Security (SP 800).

(Note: Statistics updated on 2020-Nov-9. Identified duplicates were not counted.)

Overall workshop registrations (including all speakers): 292 individuals (includes 20 from NIST), across 40+ countries.

Webex registrations (including panelists/hosts) per event: 162 in 1st day: 158 in 2nd day; 140 in 3rd day.

Speakers (19) of invited talks: Berry Schoenmakers, Ivan Damgård, Tal Rabin, Nigel Smart, Chelsea Komlo, Yehuda Lindell, Ran Canetti, Yuval Ishai, Emmanuela Orsini, Peter Scholl, Vladimir Kolesnikov, Xiao Wang, Jean-Philippe Aumasson, Omer Shlomovits, Kris Shrishak, Nikolaos Makriyannis, Schuyler Rosefield, Muthu Venkitasubramaniam, Marcella Hastings.

Speakers (11) of accepted briefs: Yashvanth Kondi, Akira Takahashi, Jan Willemson, Saikrishna Badrinarayanan, Xiao Wang, Jakob Pagter, Phillip Hallam-Baker, Ronald Tse, Frank Wiener, Damian Straszak, Jack Doerner.

Session chairs (5): Luís Brandão, Michael Davidson, Dustin Moody, René Peralta, Apostol Vassilev.

Workshop/program chair (1): Luís Brandão.

(Each listing of names follows the order of the corresponding talks/briefs/sessions at the workshop.)

Thanks to Donal Whitfield for explaining, prior to the workshop, the workings of the video-conference platform.

Statistics based on answers provided in the workshop registration form

Registrations per country

292 registrations across 40+ countries.

Pie chart, showing the number of registrants per country

The USA count includes 20 from NIST.

Familiarity with NISTIR 8214A

Yes: 122; No: 164; N/A: 6

Image showing the cover of NISTIR 8214A

In which primitives are you most interested in?

Primitives of interest

(Multiple answers allowed; answers not mandatory)

What threshold-related topics are of most interest to you?

Topics of interest

(Multiple answers allowed; answers not mandatory)

  • September 30: early registration (free)
  • September 30: submission of title + abstract for brief intervention (submissions phase 1)
  • October 28: late registration (also free -- the video-conference platform allows it)
  • October 28: submission of title + abstract for brief intervention (submissions phase 2)
  • November 6: We will accept registrations arriving after Oct 28, but there may be a delay in allowing the connection to the virtual event

How to register as an attendee for MPTS 2020:

There are two needed (sequential) registrations for attendees:

Registration 1. Submit the workshop registration form:


After someone reads your submitted form, you will receive (from a nist.gov email) a "registration password" for the Webex events, as well as the Webex event password.

Registration 2. Apply for a Webex Registration ID for each day of the event:


The workshop occurs as three Webex virtual events (one per day of the workshop). To connect as an attendee in each event day, first register (with Webex) your email address for the event. You will then receive an email from Webex with a "registration " id, which you'll need (along with the event password, received in step 1) to login to the virtual event.

Note: If you are a presenter, your role in the webex event will be as "Panelist", instead of "Attendee". In such case you will receive different instructions by email.

Submit a proposal for a "brief":

To submit a proposed "brief", please email workshop-MPTS-2020@nist.gov, preferably by September 30 (phase 1) or October 28 (phase 2):

  • Use email subject "MPTS2020 brief: "

  • Include the contact details of the speaker.

  • Attach a 1-page file in PDF format containing: title, name, and abstract.

Lodging Info:

Virtual workshop


For questions or comments related to the workshop, please send an email to "workshop-MPTS-2020 at nist.gov"

Schedule — List of Presentations

Please check the Workshop Program (PDF file) for further details: bios of talks' speakers; abstracts; collaborators.

Session 1a (talks). Session chair: Luís Brandão.

Session 1b (talks). Session chair: Michael Davidson.

Session 1c (briefs): Session chair: Dustin Moody.

09:15--09:35: Virtual arrival

Session 2a (talks): Session chair: Luís Brandão.

Session 2b (talks): Session chair: Rene Peralta.

Session 2c (briefs): Session chair: Apostol Vassilev.

09:15--09:35: Virtual arrival

Session 3a (talks): Session chair: Apostol Vassilev.

Session 3b (talks): Session chair: Rene Peralta.

Session 3c (briefs): Session chair: Luís Brandão.

Each talk is scheduled for 25 min (~20 min monologue + ~5 min Q&A).

Each brief is scheduled for 6 min (5 min talk, plus 1 min transition).

(Schedule details updated on November 20, 2020) 

Selected Presentations
November 6, 2020 Type
12:42 PM MPTS 2020 Final Comments
Luís T. A. N. Brandão - NIST/Strativia

12:36 PM A Multiparty Computation Approach to Threshold ECDSA
Jack Doerner - Northeastern University

12:30 PM Robustness for Dishonest Majority in Threshold ECDSA
Damian Straszak - Cardinal Cryptography

11:55 AM How MPC Frameworks Use Threshold Cryptography
Marcella Hastings - University of Pennsylvania

11:30 AM Scaling Distributed RSA Modulus Generation with a Dishonest Majority
Muthu Venkitasubramaniam - Ligero, Inc. and University of Rochester

11:05 AM Multiparty Generation of an RSA Modulus
Schuyler Rosefield - Northeastern University

10:25 AM UC Non-Interactive, Proactive, Threshold ECDSA with Identifiable Aborts
Nikolaos Makriyannis - Fireblocks

10:00 AM Securing DNSSEC Keys via Threshold ECDSA from generic MPC
Kris Shrishak - TU Darmstadt

9:35 AM Attacks to deployed threshold signatures
Jean-Phillippe Aumasson - ZenGo

Omer Shlomovitz - Taurus

November 5, 2020 Type
12:54 PM The MPC Alliance (MPCA), Status and Roadmap
Frank Wiener - Sepior

12:48 PM Confium: an open source framework to support threshold cryptography standardization
Ronald Tse - Ribose

12:42 PM Towards a Threshold Key Infrastructure
Phillip Hallam-Baker - Comodo

12:36 PM MPC-based key management – Using threshold trust to address different threat models
Jakob Pagter - Sepior

12:30 PM Better Concrete Security for Half-Gates Garbling (in the Multi-Instance Setting)
Xiao Wang - Northwestern University

11:55 AM Global-Scale Threshold AES (and SHA256)
Xiao Wang - Northwestern University

11:30 AM Let’s Standardize Garbled Circuits!
Vladimir Kolesnikov - Georgia Tech

11:05 AM Efficient Actively Secure OT Extension: 5 Years Later
Emmanuela Orsini - KU Leuven

Peter Scholl - Aarhus University

10:25 AM Pseudorandom Correlation Generators: Secure Computation with Silent Preprocessing
Yuval Ishai - Technion

10:00 AM Standardizing Security: The case of threshold cryptography
Ran Canetti - Boston University

9:35 AM Settings and Considerations for Standardizing Multi-Party Threshold Schemes
Yehuda Lindell - Unbound Tech and BIU

November 4, 2020 Type
12:48 PM Brief 1c4: BETA: Biometric Enabled Threshold Authentication
Saikrishna Badrinarayanan - Visa Research

12:42 PM On the need for threshold post-quantum (signature) schemesSpeaker: Jan Willemson
Jan Willemson - Cybernetica

12:36 PM Lattice-based Distributed Signing Protocols from the Fiat–Shamir with Aborts Paradigm
Akira Takahashi - Aarhus University

12:30 PM Threshold Schnorr with Stateless Deterministic Signing
Yashvanth Kondi - Northeastern University

11:55 AM FROST: Flexible Round-Optimized Schnorr Threshold Signatures and Extensibility to EdDSA
Chelsea Komlo - University of Waterloo and Zcash Foundation

11:30 AM Thresholdizing DSA, Schnorr, EdDSA, HashEdDSA, ...
Nigel Smart - KU Leuven

11:05 AM You Only Speak Once – Secure MPC with Stateless Ephemeral Roles
Tal Rabin - Algorand Foundation

10:25 AM Optimizing honest majority threshold cryptosystems
Ivan Damgård - Aarhus University

10:00 AM Publicly Verifiable Secret Sharing and Its Use in Threshold Cryptography
Berry Schoenmakers - Eindhoven University of Technology

9:35 AM Let’s talk about multi-party threshold schemes
Luís T. A. N. Brandão - NIST/Strativia


Event Details

Starts: November 04, 2020 - 09:30 AM EST
Ends: November 06, 2020 - 01:00 PM EST
November 4--6, 2020, 9:30am--1pm EST

Format: Virtual Type: Workshop

Attendance Type: Open to public
Audience Type: Industry,Government,Academia,Other

Parent Project

See: Threshold Cryptography
Created August 13, 2020, Updated May 06, 2021