Research: The Many Faces of Schnorr
"One of our main goals in this paper is to provide a unifying framework in order to better understand the techniques used in various protocols."
- "Recently, a number of highly optimized threshold signing protocols for Schnorr signatures have been proposed."
- "One such notable protocol is FROST, which provides security even with an unlimited number of presignatures; moreover, assuming unused presignatures are available, signing requests can be processed concurrently with minimal latency."
- "Unfortunately, FROST is not a robust protocol, at least in the asynchronous communication model (arguably the most realistic model for such a protocol)."
- "A more recent protocol is SPRINT, which provides robustness without synchrony assumptions, and actually provides better throughput than FROST."
- "Unfortunately, SPRINT is only secure in very restricted modes of operation."
"Our main new result is to show how to securely combine the techniques used in FROST and SPRINT, allowing one to build a threshold Schnorr signing protocol that:
1) is secure and robust without synchrony assumptions (like SPRINT);
2) provides security even with an unlimited number of presignatures, and (assuming unused presignatures are available) signing requests can be processed concurrently with minimal latency (like FROST);
3) achieves high throughput (like SPRINT), and;
4) achieves optimal resilience."
- "Besides achieving this particular technical result, one of our main goals in this paper is to provide a unifying framework in order to better understand the techniques used in various protocols."
- " To that end, we attempt to isolate and abstract the main ideas of each protocol, stripping away superfluous details, so that these ideas can be more readily combined and implemented in different ways."
- "Another one of our goals to carry out a security analysis of these enhanced attack modes in the Generic Group Model (GGM), sometimes in conjunction with the Random Oracle Model (ROM)."
