Questions tagged as ['threshold-cryptography']

Threshold cryptography is the art of chopping a secret into little bits, so that the secret can only be learned by possessing more than a threshold number of those bits.
Score: 2
Laba Sa avatar
Sage code for finding generator matrix of MDS code
in flag
  1. Let $L$ be an $[n,k]$ code. A $k\times n$ matrix $G$ whose rows form a basis for $L$ is called a generator matrix for $L$.

  2. A linear $[n,k,d]$ code with largest possible minimum distance is called maximum distance $d$ separable or MDS code.

I want to find a generator matrix for MDS code using SageMath or in another way, is there any SageMath code to check a matrix is a generator matrix for the MDS ...

Score: 4
BGW multiplication by Gennaro et al.: Why does H(x) have exactly degree t and why is $2t + 1 \le n$ necessary?
jp flag

With this question I am referring to the BGW multiplication by Gennaro et al (PDF here). The multiplication is described on the 4th page. (Another source for me was "A pragmatic Introduction to Secure Multi-Party Computation" p. 43-44)

Summary of BGW Multiplication Procedure: To do the multiplication of 2 secret values $\alpha$ and $\beta$ of every player $P_i$ has to have the share $f_{\alpha}(i ...

Score: 2
Evgeni Vaknin avatar
Threshold implementation of ciphers
za flag

What is the principle behind threshold implementation of block ciphers and how is this protecting against side channel attacks?

Score: 1
Gennaro & Goldfeder Key Generation Protocol
cn flag

As I am going through the “Fast Multiparty Threshold ECDSA with Fast Trustless Setup” paper by Gennaro & Goldfeder, 2018, I am stumbled by the key generation protocol (Sect. 4.1, p.10):

Clip of the key generation protocol from Gennaro & Geldfeder, 2018

In Phase 1, they create a (commitment, decommitment) pair using a commitment scheme. Earlier in the paper, they mention that “in practice one can use any secure hash function H and define the commitment to x ...

Score: 1
Coin tosses in the context of commitment schemes
cn flag

I was reading the “Fast Multiparty Threshold ECDSA with Fast Trustless Setup” paper by Gennaro & Goldfeder, 2018 and I encountered this portion (Sect. 2.4, p.6):

Portion of the paper that talks about Com protocol

This excerpt leaves me slightly confused. First, there’s seemingly a mismatch (a typo?) between r and R — or is it that R is the set from which r is sampled? Second, most important, what are these coin tosses? There’s no men ...