The NIST Workshop on Multi-Party Threshold Schemes (MPTS) 2026 will bring together multiple perspectives on Threshold Cryptography, in a learning and collaborative environment. The 4-day virtual workshop is organized within the scope of the NIST Multi-Party Threshold Cryptography (MPTC) project, to gather insights about the state of the art. In scope are topics related to the specification, implementation, analysis, and deployment of threshold schemes (and threshold-friendly primitives). The event will include invited and externally-proposed talks, including “previews” of upcoming submissions in reply to the NIST Threshold Call.
MPTS 2026 welcomes proposals of talks related to Threshold Cryptography, including about any of the following topics:
- Threshold security. Security formulation (e.g., simulatable, game-based), analysis, and provability. Security against adaptive corruptions. Proactive security. Suitability of cryptographic and/or idealized assumptions (e.g., ROM, AGM, GGM) and conjectures. Consequences of (non-ideal) real instantiation of idealized components. Relevant security properties.
- Systematization of knowledge. Techniques, applications, and related context, about any topic of relevance within the scope of the NIST Threshold Call, including multi-party computation (MPC), zero-knowledge proofs (ZKP), fully-homomorphic encryption (FHE), threshold-friendly cryptographic primitives (e.g., key-generation, signatures, encryption/decryption, hashing) and their corresponding threshold schemes.
- Need and adoptability. Application use cases (fulfilled, urgent, emerging, envisioned). Pertinent setup assumptions, threshold profiles (§C.3), and threshold interfaces (§C.4).
- Concrete threshold schemes. Novel schemes (e.g., with new assumptions, lower number of rounds, better results in a metric of interest) and older pertinent schemes.
- Special properties. Relation between threshold capabilities and other properties, such as succinctness, FHE/ZKP-friendliness, blinding, aggregation, batching.
- Building blocks and networking. Garbled circuits, oblivious transfer, useful commitment schemes, vector oblivious linear evaluation, broadcast, consensus, etc. See §10.7 and §C.1.2 of NISTIR 8214C 2pd.
- Implementation, testing, validation, certification. Criteria and techniques for validation/verification of implementations of threshold schemes. Test vectors and reproducibility challenges when testing distributed systems, and/or floating-point operations. Formal methods. Certification profiles.
- Quantum resistance/vulnerability. Threshold schemes for PQC primitives. Pairing-based threshold schemes. Examples, challenges, advantages and other differences between quantum-resistant and quantum-vulnerable solutions. Levels of security strength.
- Development, education, standardization and other community efforts. Perspectives on efforts related to techniques in scope of the NIST Threshold Call, including FHE, MPC, threshold schemes, ZKP, and useful building blocks.
The NIST Threshold Call (NISTIR 8214C 2pd) establishes a phase of "Previews", designed for prospective teams to present their plans for an upcoming package submission. A preview requires publication of a "Preview Writeup" and giving a "Preview Talk":
The MPTS 2026 workshop will include a track for "Preview Talks", related to the NIST Threshold Call (see NISTIR 8214C).
