tss: Adds RSA Threshold signatures #364
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
RSA Threshold Signatures
This is an implementation of "Practical Threshold Signatures" by Victor Shoup.
Protocol 1 is implemented.
Threshold Primer
Let l be the total number of players, t be the number of corrupted players, and k be the threshold.
The idea of threshold signatures is that at least k players need to participate to form a valid signature.
Setup consists of a dealer generating l key shares from a key pair and "dealing" them to the players. In this implementation the dealer is trusted.
During the signing phase, at least k players use their key share and the message to generate a signature share.
Finally, the k signature shares are combined to form a valid signature for the message.
Modifications