Date Published: August 12, 2022
Comments Due: October 24, 2022 (public comment period is CLOSED)
Email Questions to:
nistir-8214B-comments@nist.gov
Planning Note (01/24/2023):
See the comments received on NIST IR 8214B ipd. This report is an output of the NIST Multi-Party Threshold Cryptography (MPTC) project.
This report considers signature schemes that are compatible with the verification phase of the Edwards Curve Digital Signature Algorithm (EdDSA) specified in Draft Federal Information Processing Standards (FIPS) publication 186-5. The report analyzes threshold schemes, where the private signing key is secret-shared across multiple parties, and signatures can be produced without the parties reconstructing the key. Security holds even if up to a threshold number of parties has been compromised.
The report reviews the properties of EdDSA/Schnorr deterministic and probabilistic signatures schemes, both in the conventional (non-threshold) and threshold setting, summarizing various known properties and approaches. These threshold signatures can allow for a drop-in replacement of conventional signatures without changing the legacy code used for verification. This work is useful to advance the NIST Multi-Party Threshold Cryptography project, which is also interested in other primitives. The document suggests that it is beneficial to further consult with the community of experts for security formulations, technical descriptions, and reference implementations.
The report includes a section for each of the following:
NOTE: A call for patent claims is included on page iii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.
None selected
Publication:
https://doi.org/10.6028/NIST.IR.8214B.ipd
Download URL
Supplemental Material:
Comments received (pdf)
Publication Parts:
IR 8214
IR 8214A
Document History:
08/12/22: IR 8214B (Draft)