MPC-based key management – Using threshold trust to address different threat models

Abstract: In key management based on Multi-Party Computation (MPC) cryptographic primitives are implemented through a distributed protocol executed by a set of MPC components. A fundamental but often ignored part of this, is the way in which control over the individual MPC components is used to address the threat model of the application. This allows the nice mathematical properties of threshold cryptography to address different trust models or different threat models. In this brief we will provide two examples (one where each MPC node is owned by the same enterprise, and one where nodes reflect different policy elements as well as end-user control) and use these to start a discussion about constructing a taxonomy for how to align threats with what it offered by security architectures offered by MPC.