Threshold ECDSA with an Offline Recovery Party

TL;DR

This paper introduces a novel threshold ECDSA signature scheme allowing distributed signing with an offline participant during key generation, maintaining compatibility with existing centralized verification, and ensuring security against malicious adversaries.

Contribution

It presents the first protocol enabling offline parties in threshold ECDSA key generation without trusted third parties, extending previous schemes.

Findings

Supports offline participant during key generation.

Maintains compatibility with existing ECDSA verification.

Proven secure against adaptive malicious adversaries.

Abstract

A $(t,n)-$ threshold signature scheme enables distributed signing among $n$ players such that any subgroup of size $t$ can sign, whereas any group with fewer players cannot. Our goal is to produce signatures that are compatible with an existing centralized signature scheme: the key generation and signature algorithm are replaced by a communication protocol between the parties, but the verification algorithm remains identical to that of a signature issued using the centralized algorithm. Starting from the threshold schemes for the ECDSA signature due to R. Gennaro and S. Goldfeder, we present the first protocol that supports multiparty signatures with an offline participant during the Key Generation Phase, without relying on a trusted third party. Following well-established approaches, we prove our scheme secure against adaptive malicious adversaries.