Manifesting Unobtainable Secrets: Threshold Elliptic Curve Key Generation using Nested Shamir Secret Sharing

TL;DR

This paper introduces a novel method for generating elliptic curve keys using nested Shamir secret sharing, enabling decentralized trust and secure key management for cryptographic applications.

Contribution

It proposes a new threshold secret sharing scheme for elliptic curve key generation, enhancing decentralization and security in cryptographic systems.

Findings

Decentralized key generation without single point vulnerabilities

Applicable to twisted Edwards curves used in EdDSA

Potential to improve IETF threshold elliptic curve standards

Abstract

We present a mechanism to manifest unobtainable secrets using a nested Shamir secret sharing scheme to create public/private key pairs for elliptic curves. A threshold secret sharing scheme can be used as a decentralised trust mechanism with applications in identity validation, message decryption, and agreement empowerment. Decentralising trust means that there is no single point vulnerability which could enable compromise of a system. Our primary interest is in twisted Edwards curves as used in EdDSA, and the related Diffie-Hellman key-exchange algorithms. The key generation is also decentralised, so can be used as a decentralised secret RNG suitable for use in other algorithms. The algorithms presented could be used to fill a ``[TBS]'' in the draft IETF specification ``Threshold modes in elliptic curves'' published in 2020 and updated in 2022.