CryptoDB
Finally! A Compact Lattice-Based Threshold Signature
| Authors: |
|
|---|---|
| Download: | |
| Conference: | PKC 2025 |
| Abstract: | Threshold signatures improve upon digital signatures by splitting the trust and robustness among multiple parties. In a (T, N) threshold signature any set of T parties can produce a signature but no set of less than T users can do so. Many such constructions are now available in the pre-quantum setting but post-quantum threshold schemes are still running heavy, with the state-of-the-art boasting signature sizes that are still an order of magnitude larger than post-quantum digital signatures. We propose a novel very efficient threshold signature scheme, with a signature size close to that of a single Dilithium signature for any threshold T of at most 8 users. Our construction reduces to well-studied problems (MLWE and SelfTargetMSIS) and does not need any heavy machinery, essentially consisting in just T parallel executions of the Dilithium signature scheme. Though the resulting scheme is remarkably simple, many technical difficulties, such as sharing a secret in small shares, or simulating rejecting transcripts, have kept such an efficient threshold signature out of reach until now. |
BibTeX
@inproceedings{pkc-2025-35214,
title={Finally! A Compact Lattice-Based Threshold Signature},
publisher={Springer-Verlag},
author={Rafael del Pino and Guilhem Niot},
year=2025
}