"Preview Talk" (by Team BICYCCLIST) @ MPTS 2026, in reply to the NIST Threshold Call
Abstract. In this preview talk, we introduce TECLA and THE CLASH, efficient two-party and threshold ECDSA schemes, respectively, built upon Class Group Cryptography. Both schemes take advantage from linearly homomorphic public key encryption (PKE) to distribute private shares of the distributed ECDSA signature between parties. The specific PKE building block is the Castagnos-Laguillaumie (CL) encryption scheme, whose main advantage is the reduction of communication costs compared with other linearly homomorphic PKE. Both schemes are accompanied by benchmarked implementations using the BICYCL public repository, an optimized and specialized library for class group cryptography. In this presentation, we present TECLA and THE CLASH, their building blocks and their main characteristics, and we give an overwiew on their benchmarks using our implementation, which will be part of our submission packages. The packages satisfy the requirement of the NIST call as interchangeability and provable security. More specifically, TECLA achieves simulation based security against probabilistic polynomial time (PPT) malicious adversaries which statically corrupt one of the parties. THE CLASH has game based security against probabilistic polynomial time (PPT) malicious adversaries which statically corrupt a threshold t < n, where n is the number of parties. The proposal fits in Category N1.2: ECDSA signing.
Joint work: Cyril Bouvier, Guilhem Castagnos, Dario Catalano, Quentin Combal, Fabien Laguillaumie, Federico Savasta, Ida Tucker.
[Slides] Suggested readings:
- Preview Writeup: TECLA: Two-party ECDSA from CLAss groups
- Preview Writeup: Two-Party ECDSA from Linearly Homomorphic Encryption over Class Groups
- I want to ride my BICYCL: BICYCL Implements CryptographY in CLass groups (ia.cr/2022/1466)
