International Association for Cryptologic Research (IACR)
Abstract
This work investigates efficient multi-party signature schemes in the discrete logarithm setting. We focus on a concurrent model, in which an arbitrary number of signing sessions may occur in parallel. Our primary contributions are: (1) a modular framework for proving the security of Schnorr multisignature and threshold signature schemes, (2) an optimization of the two-round threshold signature scheme FROST that we call FROST2, and (3) the application of our framework to prove the security of FROST2 as well as a range of other multi-party schemes.
We begin by demonstrating that our framework is applicable to multisignatures. We prove the security of a variant of the two-round MuSig2 scheme with proofs of possession and a three-round multisignature SimpleMuSig. We introduce a novel three-round threshold signature SimpleTSig and propose an optimization to the two-round FROST threshold scheme that we call FROST2. FROST2 reduces the number of scalar multiplications required during signing from linear in the number of signers to constant. We apply our framework to prove the security of FROST2 under the one-more discrete logarithm assumption and SimpleTSig under the discrete logarithm assumption in the programmable random oracle model.