This is a potential security issue, you are being redirected to https://csrc.nist.gov.
Abstract. In this presentation, I will begin by describing different deployment scenarios for threshold cryptography (and threshold signatures in particular), especially highlighting the unique aspects of threshold protocols run in a "federated key-management network." I will then suggest that NIST standardize two threshold variants for ECDSA signatures: a dishonest-majority protocol and an honest-majority protocol. Finally, I will discuss some observations we have had at Dfns while implementing and deploying the dishonest-majority CGGMP21 protocol for threshold ECDSA, and describe details of an honest-majority threshold ECDSA protocol we have been developing.
Security and Privacy: cryptography