An Efficient Multi-party ECDSA system

Multi-party ECDSA allows a set of servers to produce digital signatures. It can be used to provide an additional layer of security in a cryptographic application, by removing the single point of failure that comes from storing the signing key in one place. There has recently been a renewed interest in building multi-party signatures for financial applications, particularly in the case of protecting the secret key in a cryptocurrency wallet used to authorize transactions.

As shown in Fig 1, in our multi-party ECDSA system, the service parties are divided into two categories, namely a signature service and two guardian services. On the one hand, the user and the Signature Service perform the multi-party ECDSA protocol for asset transactions. On the other hand, the user interacts with the two guardian servers for key backup and updates to improve key security.

Fig 1. Multi-party ECDSA system framework

Our Multi-party ECDSA system consists of four parts.

Part 1: This part consists of 5 steps: Initialization, key sharding, first verification, multi-party signature, transaction verification;

Part 2: This part consists of 3 steps: Key sharding backup, the second check, and the third check;

Part 3: This part consists of 4 steps: Key sharding update, first verification, multi-party signature, transaction verification;

Part 4: This part consists of 3 steps: Key sharding backup update, the second check, and the third check.

These 4 parts are relatively independent. Parts 1 and 2 must be implemented; Parts 3 and 4 update functions, performed according to user requirements.

Part 1

Initialization: The user generates the private key, public key, and address.

Key sharding: The user constructs a polynomial, and calculates the value of two polynomials. Save one, and confidentially send the other to the Signature Service. The value of the polynomial is denoted as the private key sharding.

l Verification 1 (user and Signature Service): a message is signed using the private key sharding and sent to the Signature Service. The Signature Service also uses his private key sharding to sign the message, constructs a complete signature based on the two signature shardings, and verifies the correctness of the complete signature.

Multi-party Signature: The user uses his private key sharding to sign a transaction and submits it to the Signature Service, which uses his private key sharding to sign the transaction and then merges the two shard signatures and submits them to the blockchain system.

Transaction verification: Miners in the blockchain system verify the validity of the transaction and signatures. If valid, accept, otherwise reject.

Part 2

Key sharding backup: Users select random numbers to construct polynomials, calculate the values of three polynomials, save one, and confidentially send the other two to Guardian Google service and Guardian Apple service.

The second verification (user and Guardian Google Service): a message is signed with the private key sharding and sent to the Guardian Google service. Guardian Google service also uses its private key sharding to sign the message, constructs a complete signature based on the two signature shards, and then verifies the correctness of the complete signature.

The third verification (user and Guardian Apple Service): a message is signed with the private key sharding and sent to the Guardian Apple Service. The Guardian Apple Service also uses its sharding private key to sign the message, constructs a complete signature based on the two signature shardings, and then verifies the correctness of the complete signature.

Part 3

Key sharding update: the user selects a new random number to construct a polynomial, calculates the values of the two polynomials, saves one, and confidentially sends the other one to the Signature Service.

Verification 1 (user and Signature Service): a message is signed using the private key sharding and sent to the Signature Service. The Signature Service also uses its sharding private key to sign the message, constructs a complete signature based on the two signature shardings, and verifies the correctness of the complete signature.

Multi-party Signature: The user uses his private key sharding to sign the transaction order and submits it to the Signature Service, which uses his private key sharding to sign the transaction order and then merges the two shard signatures and submits them to the blockchain system.

Transaction verification: Miners in the blockchain system verify the validity of transaction orders and signatures. If valid, accept, otherwise reject.

Part 4

Key sharding backup: the user selects a new random number to construct a polynomial, calculates the values of three polynomials, saves one, and confidentially sends the other two to the Guardian Google service and Guardian Apple service.

The second verification (user and Guardian Google Service): a message is signed with the private key sharding and sent to the Guardian Google service. Guardian Google service also uses its private key sharding to sign the message, constructs a complete signature based on the signature shards, and then verifies the correctness of the complete signature.

The third verification (user and Guardian Apple Service): a message is signed with the private key sharding and sent to the Guardian Apple service. The Guardian Apple Service also uses its private key sharding to sign the message, constructs a complete signature based on the two signature shardings, and then verifies the correctness of the complete signature.