Reaching Consensus for Asynchronous Distributed Key Generation

TL;DR

This paper introduces an efficient asynchronous distributed key generation protocol that is resilient to faults, with improved round and communication complexity, relying only on a public key infrastructure.

Contribution

It presents a novel A-DKG protocol with optimal fault tolerance, constant expected rounds, and reduced communication, along with new building blocks like Proposal Election and Verifiable Gather protocols.

Findings

Achieves optimal resilience with $f<\frac{n}{3}$ faults.

Reduces expected rounds to a constant.

Decreases communication complexity to $\tilde{O}(n^3)$.

Abstract

We give a protocol for Asynchronous Distributed Key Generation (A-DKG) that is optimally resilient (can withstand $f<\frac{n}{3}$ faulty parties), has a constant expected number of rounds, has $\tilde{O}(n^3)$ expected communication complexity, and assumes only the existence of a PKI. Prior to our work, the best A-DKG protocols required $\Omega(n)$ expected number of rounds, and $\Omega(n^4)$ expected communication. Our A-DKG protocol relies on several building blocks that are of independent interest. We define and design a Proposal Election (PE) protocol that allows parties to retrospectively agree on a valid proposal after enough proposals have been sent from different parties. With constant probability the elected proposal was proposed by a non-faulty party. In building our PE protocol, we design a Verifiable Gather protocol which allows parties to communicate which proposals they have and have not seen in a verifiable manner. The final building block to our A-DKG is a Validated Asynchronous Byzantine Agreement (VABA) protocol. We use our PE protocol to construct a VABA protocol that does not require leaders or an asynchronous DKG setup. Our VABA protocol can be used more generally when it is not possible to use threshold signatures.