Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Presentations 2023
Presentation

Exploring the power of threshold BLS

September 26, 2023

Presenters

Pratyay Mukherjee - Supra Research

Description

Abstract. Since its inception in 2004, BLS signature (named after its inventors Bonneh, Lynn and Shacham) has been very popular among researchers due to its uber-simple structure, small size, and plethora of features it offers. For example, BLS is a unique deterministic signature, and is readily thresholdizable due to its “key-homomorphism”. The signing procedure is completely non-interactive, once a key is setup (for example, by using a standard distributed key-generation, or DKG, in a fully decentralized setting). Therefore, it can be used in an asynchronous or partially synchronous setting immediately. Efficiency-wise, threshold BLS outperforms other threshold signatures such as ECDSA and Schorr in the signing, but incurs a higher cost during aggregation and verification due to use of pairing. Nevertheless, the signature size of BLS is much shorter. Furthermore, BLS supports easy aggregation of multiple signatures on the same messages but with different public keys (multi-signatures) and also various signatures on different messages (aggregate signatures). Due to its deterministic (and unique) nature, it can be immediately converted to a distributed VRF. Moreover, as shown by Das et al. (CCS’23) and Garg et al. (S&P’24), scalable weighted threshold signatures can be built based on BLS, without requiring a separate DKG. Other features include multiverse signatures, as constructed by Baird et al. (S&P’23). In Web3 setting variants of BLS signatures were deployed in several blockchain ecosystems, including Ethereum 2.0 for generating validation certificates (a BLS multi-signature was used in this case), and Hashgraph to generate a state proof. Furthermore, Distributed VRFs based on BLS were deployed in DRand, Dfinity, Supra DVRF. In this talk I shall present the importance of threshold BLS signatures, the amazing features it offers in the threshold setting, and also the trade-off in efficiency (due to pairing) in comparison with ECDSA and Schnorr. We would like to make a case for standardization of BLS in Category 2.1: verifiably-deterministic succinct signatures.

[Slides] [Video]

Presented at

MPTS 2023: NIST Workshop (virtual) on Multi-Party Threshold Schemes 2023

Event Details

Location

    Virtual

Related Topics

Security and Privacy: cryptography

Created September 21, 2023, Updated October 25, 2023