CryptoDB
Threshold Cryptography as a Service
| Authors: | |
|---|---|
| Download: | |
| Abstract: | Modern trends such as the outsourcing of computation to the cloud and recent advances in decentralized applications, particularly in the area of blockchains, are presenting new motivation and necessity to deploy threshold cryptography. While these techniques have been traditionally considered for a small set of parties, in this paper we are interested in larger deployments. Our focus is on a setting where a large distributed system or a set of servers provides cryptographic services to other applications by operating cryptographic functions in a shared way, and with threshold security. We develop efficient and scalable building blocks for Threshold Cryptography as a Service, that enable central tasks such as distributed key generation, threshold signatures and encryption, proactive refreshing of key shares, custodial services, etc. Our solutions apply both in a traditional setting with dedicated servers, as well as in a fully decentralized architecture such as a public blockchain. The underlying design is for a functionality we call MultiVSS, which runs multiple concurrent Verifiable Secret Sharing (VSS) executions on a multiplicity of secrets input by the different protocol participants. Using batching and other techniques we achieve a reduction in the cost of processing multiple secrets by a factor of $n$, the number of parties in the system. Even for a moderate number of servers the performance gain is significant and it becomes crucial for operations involving a large number of servers as in some of our applications. Consequently, we achieve scalability to large sets of participants which, in the case of blockchains, can rise to hundreds or even thousands of nodes with each node sharing a large number of secrets in tandem. We implement and show the practicality of the system for possibly millions of clients, as in the case of custodial services, and any number (small or large) of servers. Our solution supports additional features such as packing of secrets, dynamic server allocation and dishonest majorities. We further apply these constructions to the newly introduced YOSO model. |
BibTeX
@misc{rwc-2022-35507,
title={Threshold Cryptography as a Service},
howpublished={Talk given at RWC 2022},
author={Tal Rabin and Fabrice Benhamouda and Shai Halevi and Hugo Krawczyk and Alex Miao},
year=2022
}