Two-Party Signing For ISO/IEC Digital Signature Standards

Abstract

Abstract Two-party signing can be used to provide a high level of key protection especially in the blockchain systems where the safety of money relies on the safety of the signing key. With a two-party signing protocol, the signing key is distributed among two devices, thus the funds are safe as long as one device remains uncorrupted. In this paper, we study the two-party signing protocols for all ISO/IEC signature standards. The mechanisms based on elliptic curve discrete logarithm in ISO/IEC can be divided into three types: Schnorr-type, Elliptic Curve Digital Signature Algorithm (ECDSA)-type and SM2-type. There have already been efficient two-party protocols based on Schnorr signature scheme which can be easily extended into all Schnorr-type standards. However, it is particularly hard to construct efficient distributed SM2-type and ECDSA-type protocols due to their nonlinear signing equations. In this paper, we present the first secure and efficient two-party protocol over SM2-type signature standard. We prove its security in the generic group model. We then construct a more efficient two-party ECDSA protocol that is secure in the generic group model and outperforms all previous works.