The upcoming NIST First Call for Multi-Party Threshold Schemes (see the initial public draft in NIST IR8214C ipd, and received public comments) will solicit public proposals of threshold schemes (multi-party protocols) for various cryptographic primitives. The NIST Workshop on Multi-Party Threshold Schemes (MPTS) 2023 will collect further feedback before the final version of the Call.
The proposed by the "NIST Threshold Call" includes exploring techniques of MPC (secure multiparty computation), ZKP (zero-knowledge proofs), FHE (fully-homomorphic encryption), and IBE/ABE (identity-based and attribute-based encryption), among other techniques of interest to the PEC project. More details about the public call can be found in the webpage of the NIST Multi-Party Threshold Cryptography (MPTC) project.
Below is a copy of Table 2 of the mentioned draft call (NIST IR8214C ipd), showcasing the subcategories of interest, within category Cat2 (for primitives not specified by NIST). The analysis of submitted schemes will include engagement by the MPTC and the PEC projects.
Subcategory: Type | Example scheme | Example primitive | |
---|---|---|---|
C2.1: Signing | TF Succinct & verifiable-deterministic signatures | Signing | |
|
Signing | ||
C2.2: PKE | TF-QR public-key encryption (PKE) | Decryption/encryption | |
C2.3: KA | Low-round multi-party key-agreement (KA) | Single-party primitives | |
C2.4: Symmetric | TF blockcipher/PRP | Encipher/decipher | |
TF key-derivation / key confirmation (KC) | PRF and hash function | ||
C2.5: Keygen | Any of the above | Keygen | |
C2.6: Advanced | TF fully-homomorphic encryption (FHE) | Decryption; Keygens | |
TF identity-based encryption (IBE), attribute-based encryption (ABE) | Decryption; Keygens | ||
C2.7: ZKPoK | ZKPoK of private key | ZKPoK.Generate | |
C2.8: Gadgets | Garbled circuit (GC) | GC.generate; GC.evaluate |
Legend: 2KE = pair-wise key-establishment; KC = Key confirmation; KD = Key derivation; Keygen = key-generation; PRF = pseudorandom function (family); PRP = pseudorandom permutation (family); QR = quantum resistant; TF = threshold friendly; ZKPoK = Zero-knowledge proof of knowledge.
Also, there is a category Cat1 for threshold schemes for NIST specified primitives. The upcoming revision of NISTIR 8214C ipd is expected to include in subcategory C1.1 and C.1.2 some primitives of the schemes selected by the NIST-PQC project in 2022.
Security and Privacy: cryptography, privacy