Threshold Cryptosystems From Threshold Fully Homomorphic Encryption
Authors: D. Boneh, R. Gennaro, S. Goldfeder, A. Jain, S. Kim, P. Rasmussen, and A. Sahai
Abstract:
We develop a general approach to adding a threshold functionality to a
large class of (non-threshold) cryptographic schemes.
A threshold functionality enables a secret key to be split into a
number of shares, so that only a threshold of parties can use the key,
without reconstructing the key. We begin by constructing a threshold
fully-homomorphic encryption scheme (TFHE) from the
learning with errors (LWE) problem.
We next introduce a new concept, called a universal thresholdizer,
from which many threshold systems are possible.
We show how to construct a universal thresholdizer from our TFHE.
A universal thresholdizer can be used to add threshold functionality
to many systems, such as CCA-secure public key encryption (PKE),
signature schemes, pseudorandom functions, and others primitives.
In particular, by applying this paradigm to a (non-threshold)
lattice signature system, we obtain the first single-round threshold
signature scheme from LWE.
Reference:
In proceedings of Crypto 2018, pp. 565-596.
Full paper: pdf