A Fully Adaptively Secure Threshold Signature Scheme Based on Dual-Form Signatures Technology

Abstract

In $\left(t,n\right)$ threshold signature schemes, any subset of $t$ participants out of $n$ can produce a valid signature, but any fewer than $t$ participants cannot. Meanwhile, a threshold signature scheme should remain robust and unforgeable against up to $t-1$ corrupted participants. This nonforgeability property is that even an adversary breaking into up to $t-1$ participants should be unable to generate signatures on its own. Existential unforgeability against adaptive chosen message attacks is widely considered as a standard security notion for digital signature, and threshold signature should also follow this accordingly. However, there are two special attack models in a threshold signature scheme: one is the static corruption attack and the other is the adaptive corruption attack. Since the adaptive corruption model appears to better capture real threats, designing and proving threshold signature schemes secure in the adaptive corruption model has been focused on in recent years. If a threshold signature is secure under adaptive chosen message attack and adaptive corruption attack, we say it is fully adaptively secure. In this paper, based on the dual pairing vector spaces technology, we construct a threshold signature scheme and use Gerbush et al.’s dual-form signatures technology to prove our scheme, which is fully adaptively secure in the standard model, and then compare it to other schemes in terms of the efficiency and computation.