First introduced by Pointcheval and Stern, the forking lemma is commonly used in proofs of security to demonstrate a reduction to breaking some known-to-be-hard mathematical problem. While the original forking lemma is straightforward,
I recently wrote a guest blog post for the Ethereum Foundation comparing security assumptions underpinning four threshold signature schemes, including FROST. As a summary, the key difference between efficient two-round schemes (FROST and
Schnorr signatures and identification protocols have undergone significant
security analysis over the years. However, strategies for proving their security
differ depending on slight variations in the schemes and security models.
I wrote a
I recently gave my first in-person lecture in almost two years since the
pandemic began, and it was such a great experience.
I talked about attacks and fixes for distributed key generation (DKG)
I was invited to present FROST and to give recommendations for the
standardization of Schnorr threshold signatures at the recent NIST workshop on
standardization of threshold schemes