Efficient multiplicative-to-additive function from Joye-Libert cryptosystem and its application to threshold ECDSA

Author

Haiyang XUE, Singapore Management UniversityFollow
Ho Man AU
Mengling LIU
Yin Kwan CHAN
Handong CUI
Xiang XIE
Hon Tsz YUEN
Chengru ZHANG

Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

11-2024

Abstract

Threshold ECDSA receives interest lately due to its widespread adoption in blockchain applications. A common building block of all leading constructions involves a secure conversion of multiplicative shares into additive ones, which is called the multiplicative-to-additive (MtA) function. MtA dominates the overall complexity of all existing threshold ECDSA constructions. Specifically, O(n2) invocations of MtA are required in the case of n active signers. Hence, improvement of MtA leads directly to significant improvements for all state-of-the-art threshold ECDSA schemes.In this paper, we design a novel MtA by revisiting the Joye-Libert (JL) cryptosystem. Specifically, we revisit JL encryption and propose a JL-based commitment, then give efficient zero-knowledge proofs for JL cryptosystem which are the first to have standard soundness. Our new MtA offers the best time-space complexity trade-off among all existing MtA constructions. It outperforms state-of-the-art constructions from Paillier by a factor of 1.85 to 2 in bandwidth and 1.2 to 1.7 in computation. It is 7X faster than those based on Castagnos-Laguillaumie encryption only at the cost of 2X more bandwidth. While our MtA is slower than OT-based constructions, it saves 18.7X in bandwidth requirement. In addition, we also design a batch version of MtA to further reduce the amortised time and space cost by another 25%.

Keywords

Multiplicative-to-Additive function, Joye-Libert cryptosystem, Threshold ECDSA, Zero-knowledge proof

Discipline

Information Security

Research Areas

Cybersecurity

Areas of Excellence

Digital transformation

Publication

CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, Copenhagen, Denmark, November 26-30

First Page

2974

Last Page

2988

ISBN

9798400700507

Identifier

10.1145/3576915.3616595

Publisher

ACM

City or Country

New York

Citation

XUE, Haiyang; AU, Ho Man; LIU, Mengling; CHAN, Yin Kwan; CUI, Handong; XIE, Xiang; YUEN, Hon Tsz; and ZHANG, Chengru. Efficient multiplicative-to-additive function from Joye-Libert cryptosystem and its application to threshold ECDSA. (2024). CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, Copenhagen, Denmark, November 26-30. 2974-2988.
Available at: https://ink.library.smu.edu.sg/sis_research/9187

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1145/3576915.3616595