Idealized models are a useful tool for proving the security of cryptographic schemes. For example, the random oracle model (ROM) gives an idealization of crytographic hash functions, whereas the GGM and AGM give
A few months ago, I wrote a short (informal) note that reviews the general forking lemma and several variations thereof, and discusses the differences among each variant.
I have recently updated this note
First introduced by Pointcheval and Stern, the forking lemma is commonly used in proofs of security to demonstrate a reduction to breaking some known-to-be-hard mathematical problem. While the original forking lemma is straightforward,
I recently wrote a guest blog post for the Ethereum Foundation comparing security assumptions underpinning four threshold signature schemes, including FROST. As a summary, the key difference between efficient two-round schemes (FROST and
Schnorr signatures and identification protocols have undergone significant
security analysis over the years. However, strategies for proving their security
differ depending on slight variations in the schemes and security models.
I wrote a
