| CPC H04L 9/3255 (2013.01) [H04L 9/085 (2013.01); H04L 9/0869 (2013.01)] | 17 Claims |
|
1. A computer-implemented method of requiring at least one of a sub-group of a group of participants to contribute to a threshold-optimal signature scheme, wherein a valid signature comprises a first signature component and a second signature component, wherein each participant has a respective private key share of a shared private key, a respective ephemeral private key share of a shared ephemeral private key, and the first signature component, wherein the shared private key can only be generated with at least a first threshold number of respective private key shares, and wherein the method comprises, by a first participant belonging to the sub-group:
obtaining at least a second threshold number of respective shares of a message-independent component (MIC) of the second signature component, wherein each respective share of the MIC is generated by a respective participant based on a respective ephemeral private key share, a respective private key share and the first signature component, wherein the MIC can only be generated with at least the second threshold number of respective shares of the MIC, wherein a first share of the MIC is generated by the first participant, and wherein the respective shares of the MIC are available only to one or more participants of the sub-group;
generating the MIC based on the obtained second threshold number of respective shares; and
a) making the MIC available to a coordinator for generating the second signature component based on the MIC and the second threshold number of respective shares of a message-dependent component (MDC) of the second signature component, each respective share of the MDC being generated based on a respective ephemeral private key share and a hash of a message to be signed by the valid signature; and/or
b) splitting the MIC into a plurality of secondary MIC shares, wherein a third threshold number of the secondary MIC shares are required to generate the MIC; and distributing one or more respective secondary MIC shares to respective participants of the group for the third threshold number of participants for generating the MIC and making the MIC available to a coordinator for generating the second signature component.
|