{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T17:57:05Z","timestamp":1773511025189,"version":"3.50.1"},"publisher-location":"Cham","reference-count":54,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031385568","type":"print"},{"value":"9783031385575","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-38557-5_24","type":"book-chapter","created":{"date-parts":[[2023,8,8]],"date-time":"2023-08-08T19:03:06Z","timestamp":1691521386000},"page":"743-773","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":27,"title":["Practical Schnorr Threshold Signatures Without the\u00a0Algebraic Group Model"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2370-7864","authenticated-orcid":false,"given":"Hien","family":"Chu","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0164-0187","authenticated-orcid":false,"given":"Paul","family":"Gerhart","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6237-5228","authenticated-orcid":false,"given":"Tim","family":"Ruffing","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6943-8914","authenticated-orcid":false,"given":"Dominique","family":"Schr\u00f6der","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,8,9]]},"reference":[{"key":"24_CR1","unstructured":"Implementation of FROST by Bank of Italy. https:\/\/github.com\/bancaditalia\/secp256k1-frost"},{"key":"24_CR2","unstructured":"Implementation of FROST by CoinBase. https:\/\/github.com\/coinbase\/kryptology\/tree\/v1.8.0\/pkg\/ted25519\/frost"},{"key":"24_CR3","unstructured":"Implementation of FROST by Taurus SA. https:\/\/github.com\/taurusgroup\/frost-ed25519"},{"key":"24_CR4","unstructured":"Implementation of FROST in libsecp256k1-zkp. https:\/\/github.com\/BlockstreamResearch\/secp256k1-zkp\/pull\/138"},{"key":"24_CR5","doi-asserted-by":"publisher","unstructured":"Abram, D., Nof, A., Orlandi, C., Scholl, P., Shlomovits, O.: Low-bandwidth threshold ECDSA via pseudorandom correlation generators. In: 2022 IEEE Symposium on Security and Privacy, pp. 2554\u20132572. IEEE Computer Society Press (2022). https:\/\/doi.org\/10.1109\/SP46214.2022.9833559","DOI":"10.1109\/SP46214.2022.9833559"},{"key":"24_CR6","doi-asserted-by":"publisher","unstructured":"Bagherzandi, A., Cheon, J.H., Jarecki, S.: Multisignatures secure under the discrete logarithm assumption and a generalized forking lemma. In: Ning, P., Syverson, P.F., Jha, S. (eds.) ACM CCS 2008, pp. 449\u2013458. ACM Press (2008). https:\/\/doi.org\/10.1145\/1455770.1455827","DOI":"10.1145\/1455770.1455827"},{"key":"24_CR7","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"517","DOI":"10.1007\/978-3-031-15985-5_18","volume-title":"CRYPTO 2022, Part IV","author":"M Bellare","year":"2022","unstructured":"Bellare, M., Crites, E.C., Komlo, C., Maller, M., Tessaro, S., Zhu, C.: Better than advertised security for non-interactive threshold signatures. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022, Part IV. LNCS, vol. 13510, pp. 517\u2013550. Springer, Heidelberg (2022). https:\/\/doi.org\/10.1007\/978-3-031-15985-5_18"},{"issue":"3","key":"24_CR8","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1007\/s00145-002-0120-1","volume":"16","author":"M Bellare","year":"2003","unstructured":"Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The one-more-RSA-inversion problems and the security of Chaum\u2019s blind signature scheme. J. Cryptol. 16(3), 185\u2013215 (2003). https:\/\/doi.org\/10.1007\/s00145-002-0120-1","journal-title":"J. Cryptol."},{"key":"24_CR9","doi-asserted-by":"publisher","unstructured":"Bellare, M., Neven, G.: Multi-signatures in the plain public-key model and a general forking lemma. In: Juels, A., Wright, R.N., De Capitani di Vimercati, S. (eds.) ACM CCS 2006, pp. 390\u2013399. ACM Press (2006). https:\/\/doi.org\/10.1145\/1180405.1180453","DOI":"10.1145\/1180405.1180453"},{"key":"24_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/3-540-45708-9_11","volume-title":"Advances in Cryptology \u2014 CRYPTO 2002","author":"M Bellare","year":"2002","unstructured":"Bellare, M., Palacio, A.: GQ and Schnorr identification schemes: proofs of security against impersonation under active and concurrent attacks. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 162\u2013177. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45708-9_11"},{"key":"24_CR11","unstructured":"Bellare, M., Tessaro, S., Zhu, C.: Stronger security for non-interactive threshold signatures: BLS and FROST. Cryptology ePrint Archive, Report 2022\/833 (2022). https:\/\/eprint.iacr.org\/2022\/833"},{"key":"24_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-36288-6_3","volume-title":"Public Key Cryptography \u2014 PKC 2003","author":"A Boldyreva","year":"2003","unstructured":"Boldyreva, A.: Threshold signatures, multisignatures and blind signatures based on the gap-Diffie-Hellman-group signature scheme. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 31\u201346. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36288-6_3"},{"key":"24_CR13","unstructured":"Brandao, L., Peralta, R.: NIST First Call for Multi-Party Threshold Schemes. https:\/\/csrc.nist.gov\/publications\/detail\/nistir\/8214c\/draft"},{"key":"24_CR14","unstructured":"Brown, D.R.L.: A flaw in a theorem about Schnorr signatures. Cryptology ePrint Archive, Report 2015\/509 (2015). https:\/\/eprint.iacr.org\/2015\/509"},{"key":"24_CR15","doi-asserted-by":"publisher","unstructured":"Canetti, R., Gennaro, R., Goldfeder, S., Makriyannis, N., Peled, U.: UC non-interactive, proactive, threshold ECDSA with identifiable aborts. In: Ligatti, J., Ou, X., Katz, J., Vigna, G. (eds.) ACM CCS 2020, pp. 1769\u20131787. ACM Press (2020). https:\/\/doi.org\/10.1145\/3372297.3423367","DOI":"10.1145\/3372297.3423367"},{"key":"24_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1007\/978-3-030-45388-6_10","volume-title":"Public-Key Cryptography \u2013 PKC 2020","author":"G Castagnos","year":"2020","unstructured":"Castagnos, G., Catalano, D., Laguillaumie, F., Savasta, F., Tucker, I.: Bandwidth-efficient threshold EC-DSA. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020, Part II. LNCS, vol. 12111, pp. 266\u2013296. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45388-6_10"},{"key":"24_CR17","unstructured":"Connolly, D., Komlo, C., Goldberg, I., Wood, C.A.: Two-Round Threshold Schnorr Signatures with FROST. Internet-Draft draft-IRTF-CFRG-frost, Internet Engineering Task Force (2023). https:\/\/datatracker.ietf.org\/doc\/draft-irtf-cfrg-frost\/. Work in Progress"},{"key":"24_CR18","unstructured":"Crites, E., Komlo, C., Maller, M.: How to prove schnorr assuming schnorr: Security of multi- and threshold signatures. Cryptology ePrint Archive, Paper 2021\/1375 (2021). https:\/\/eprint.iacr.org\/2021\/1375"},{"key":"24_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"654","DOI":"10.1007\/978-3-030-59013-0_32","volume-title":"Computer Security \u2013 ESORICS 2020","author":"A Dalskov","year":"2020","unstructured":"Dalskov, A., Orlandi, C., Keller, M., Shrishak, K., Shulman, H.: Securing DNSSEC keys via threshold ECDSA from generic MPC. In: Chen, L., Li, N., Liang, K., Schneider, S. (eds.) ESORICS 2020, Part II. LNCS, vol. 12309, pp. 654\u2013673. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-59013-0_32"},{"key":"24_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"382","DOI":"10.1007\/978-3-030-57990-6_19","volume-title":"Security and Cryptography for Networks","author":"I Damg\u00e5rd","year":"2020","unstructured":"Damg\u00e5rd, I., Jakobsen, T.P., Nielsen, J.B., Pagter, J.I., \u00d8stergaard, M.B.: Fast threshold ECDSA with honest majority. In: Galdi, C., Kolesnikov, V. (eds.) SCN 2020. LNCS, vol. 12238, pp. 382\u2013400. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-57990-6_19"},{"key":"24_CR21","doi-asserted-by":"publisher","unstructured":"De Santis, A., Desmedt, Y., Frankel, Y., Yung, M.: How to share a function securely. In: 26th ACM STOC, pp. 522\u2013533. ACM Press (1994). https:\/\/doi.org\/10.1145\/195058.195405","DOI":"10.1145\/195058.195405"},{"key":"24_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1007\/3-540-48184-2_8","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201987","author":"Y Desmedt","year":"1988","unstructured":"Desmedt, Y.: Society and group oriented cryptography: a new concept. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 120\u2013127. Springer, Heidelberg (1988). https:\/\/doi.org\/10.1007\/3-540-48184-2_8"},{"key":"24_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"307","DOI":"10.1007\/0-387-34805-0_28","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 89 Proceedings","author":"Y Desmedt","year":"1990","unstructured":"Desmedt, Y., Frankel, Y.: Threshold cryptosystems. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 307\u2013315. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34805-0_28"},{"key":"24_CR24","doi-asserted-by":"publisher","unstructured":"Doerner, J., Kondi, Y., Lee, E., shelat, a.: Threshold ECDSA from ECDSA assumptions: the multiparty case. In: 2019 IEEE Symposium on Security and Privacy, pp. 1051\u20131066. IEEE Computer Society Press (2019). https:\/\/doi.org\/10.1109\/SP.2019.00024","DOI":"10.1109\/SP.2019.00024"},{"key":"24_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-319-96881-0_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"G Fuchsbauer","year":"2018","unstructured":"Fuchsbauer, G., Kiltz, E., Loss, J.: The algebraic group model and its applications. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part II. LNCS, vol. 10992, pp. 33\u201362. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96881-0_2"},{"key":"24_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-030-45724-2_3","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2020","author":"G Fuchsbauer","year":"2020","unstructured":"Fuchsbauer, G., Plouviez, A., Seurin, Y.: Blind Schnorr signatures and signed ElGamal encryption in the algebraic group model. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020, Part II. LNCS, vol. 12106, pp. 63\u201395. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45724-2_3"},{"key":"24_CR27","unstructured":"G\u0105gol, A., Kula, J., Straszak, D., \u015awi\u0119tek, M.: Threshold ECDSA for decentralized asset custody. Cryptology ePrint Archive, Report 2020\/498 (2020). https:\/\/eprint.iacr.org\/2020\/498"},{"key":"24_CR28","doi-asserted-by":"publisher","unstructured":"Gennaro, R., Goldfeder, S.: Fast multiparty threshold ECDSA with fast trustless setup. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 1179\u20131194. ACM Press (2018). https:\/\/doi.org\/10.1145\/3243734.3243859","DOI":"10.1145\/3243734.3243859"},{"key":"24_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/978-3-319-39555-5_9","volume-title":"Applied Cryptography and Network Security","author":"R Gennaro","year":"2016","unstructured":"Gennaro, R., Goldfeder, S., Narayanan, A.: Threshold-optimal DSA\/ECDSA signatures and an application to bitcoin wallet security. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 156\u2013174. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-39555-5_9"},{"key":"24_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1007\/3-540-68339-9_31","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201996","author":"R Gennaro","year":"1996","unstructured":"Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Robust threshold DSS signatures. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 354\u2013371. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68339-9_31"},{"key":"24_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"295","DOI":"10.1007\/3-540-48910-X_21","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201999","author":"R Gennaro","year":"1999","unstructured":"Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Secure distributed key generation for discrete-log based cryptosystems. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 295\u2013310. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48910-X_21"},{"key":"24_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1007\/3-540-36563-X_26","volume-title":"Topics in Cryptology \u2014 CT-RSA 2003","author":"R Gennaro","year":"2003","unstructured":"Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Secure applications of Pedersen\u2019s distributed key generation protocol. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 373\u2013390. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36563-X_26"},{"issue":"1","key":"24_CR33","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1007\/s00145-006-0347-3","volume":"20","author":"R Gennaro","year":"2006","unstructured":"Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Secure distributed key generation for discrete-log based cryptosystems. J. Cryptol. 20(1), 51\u201383 (2006). https:\/\/doi.org\/10.1007\/s00145-006-0347-3","journal-title":"J. Cryptol."},{"issue":"2","key":"24_CR34","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/s001459910011","volume":"13","author":"R Gennaro","year":"2000","unstructured":"Gennaro, R., Rabin, T., Jarecki, S., Krawczyk, H.: Robust and efficient sharing of RSA functions. J. Cryptol. 13(2), 273\u2013300 (2000). https:\/\/doi.org\/10.1007\/s001459910011","journal-title":"J. Cryptol."},{"key":"24_CR35","unstructured":"Groth, J., Shoup, V.: Design and analysis of a distributed ECDSA signing service. Cryptology ePrint Archive, Report 2022\/506 (2022). https:\/\/eprint.iacr.org\/2022\/506"},{"key":"24_CR36","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"310","DOI":"10.1007\/978-3-031-22972-5_11","volume-title":"ASIACRYPT 2022","author":"J Katz","year":"2022","unstructured":"Katz, J., Zhang, C., Zhou, H.S.: An analysis of the algebraic group model. In: Agrawal, S., Lin, D. (eds.) ASIACRYPT 2022. LNCS, vol. 13794, pp. 310\u2013322. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-22972-5_11"},{"key":"24_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/978-3-030-81652-0_2","volume-title":"Selected Areas in Cryptography","author":"C Komlo","year":"2021","unstructured":"Komlo, C., Goldberg, I.: FROST: flexible round-optimized schnorr threshold signatures. In: Dunkelman, O., Jacobson, Jr., M.J., O\u2019Flynn, C. (eds.) SAC 2020. LNCS, vol. 12804, pp. 34\u201365. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-81652-0_2"},{"key":"24_CR38","unstructured":"Komlo, C., Goldberg, I., Stebila, D.: A formal treatment of distributed key generation, and new constructions. Cryptology ePrint Archive, Report 2023\/292 (2023). https:\/\/eprint.iacr.org\/2023\/292"},{"key":"24_CR39","unstructured":"Lindell, Y.: Simple three-round multiparty schnorr signing with full simulatability. Cryptology ePrint Archive, Report 2022\/374 (2022). https:\/\/eprint.iacr.org\/2022\/374"},{"key":"24_CR40","doi-asserted-by":"publisher","unstructured":"Lindell, Y., Nof, A.: Fast secure multiparty ECDSA with practical distributed key generation and applications to cryptocurrency custody. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 1837\u20131854. ACM Press (2018). https:\/\/doi.org\/10.1145\/3243734.3243788","DOI":"10.1145\/3243734.3243788"},{"key":"24_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11586821_1","volume-title":"Cryptography and Coding","author":"U Maurer","year":"2005","unstructured":"Maurer, U.: Abstract models of computation in cryptography. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 1\u201312. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11586821_1"},{"issue":"1","key":"24_CR42","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1515\/JMC.2009.004","volume":"3","author":"G Neven","year":"2009","unstructured":"Neven, G., Smart, N.P., Warinschi, B.: Hash function requirements for schnorr signatures. J. Math. Cryptol. 3(1), 69\u201387 (2009). https:\/\/doi.org\/10.1515\/JMC.2009.004","journal-title":"J. Math. Cryptol."},{"key":"24_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1007\/978-3-030-84242-0_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2021","author":"J Nick","year":"2021","unstructured":"Nick, J., Ruffing, T., Seurin, Y.: MuSig2: simple two-round schnorr multi-signatures. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part I. LNCS, vol. 12825, pp. 189\u2013221. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84242-0_8"},{"key":"24_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"522","DOI":"10.1007\/3-540-46416-6_47","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201991","author":"TP Pedersen","year":"1991","unstructured":"Pedersen, T.P.: A threshold cryptosystem without a trusted party. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 522\u2013526. Springer, Heidelberg (1991). https:\/\/doi.org\/10.1007\/3-540-46416-6_47"},{"key":"24_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/3-540-46766-1_9","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201991","author":"TP Pedersen","year":"1992","unstructured":"Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129\u2013140. Springer, Heidelberg (1992). https:\/\/doi.org\/10.1007\/3-540-46766-1_9"},{"key":"24_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"116","DOI":"10.1007\/978-3-030-92548-2_7","volume-title":"Cryptology and Network Security","author":"M Pettit","year":"2021","unstructured":"Pettit, M.: Efficient threshold-optimal ECDSA. In: Conti, M., Stevens, M., Krenn, S. (eds.) CANS 2021. LNCS, vol. 13099, pp. 116\u2013135. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92548-2_7"},{"issue":"3","key":"24_CR47","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1007\/s001450010003","volume":"13","author":"D Pointcheval","year":"2000","unstructured":"Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3), 361\u2013396 (2000). https:\/\/doi.org\/10.1007\/s001450010003","journal-title":"J. Cryptol."},{"key":"24_CR48","doi-asserted-by":"publisher","unstructured":"Ruffing, T., Ronge, V., Jin, E., Schneider-Bensch, J., Schr\u00f6der, D.: ROAST: robust asynchronous schnorr threshold signatures. In: Yin, H., Stavrou, A., Cremers, C., Shi, E. (eds.) ACM CCS 2022, pp. 2551\u20132564. ACM Press (2022). https:\/\/doi.org\/10.1145\/3548606.3560583","DOI":"10.1145\/3548606.3560583"},{"key":"24_CR49","unstructured":"Schnorr, C.P.: Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system. European Patent 0383985A1"},{"key":"24_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201997","author":"V Shoup","year":"1997","unstructured":"Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256\u2013266. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_18"},{"key":"24_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/3-540-45539-6_15","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"V Shoup","year":"2000","unstructured":"Shoup, V.: Practical threshold signatures. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 207\u2013220. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_15"},{"key":"24_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"417","DOI":"10.1007\/3-540-47719-5_33","volume-title":"Information Security and Privacy","author":"DR Stinson","year":"2001","unstructured":"Stinson, D.R., Strobl, R.: Provably secure distributed schnorr signatures and a (t, n) threshold scheme for implicit certificates. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 417\u2013434. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-47719-5_33"},{"key":"24_CR53","unstructured":"Wuille, P., Nick, J., Ruffing, T.: Schnorr signatures for secp256k1. Bitcoin Improvement Proposal 340 (2020). https:\/\/github.com\/bitcoin\/bips\/blob\/master\/bip-0340.mediawiki"},{"key":"24_CR54","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"481","DOI":"10.1007\/978-3-030-75245-3_18","volume-title":"Public-Key Cryptography \u2013 PKC 2021","author":"TH Yuen","year":"2021","unstructured":"Yuen, T.H., Cui, H., Xie, X.: Compact zero-knowledge proofs for threshold ECDSA with trustless setup. In: Garay, J.A. (ed.) PKC 2021, Part I. LNCS, vol. 12710, pp. 481\u2013511. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-75245-3_18"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-38557-5_24","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,26]],"date-time":"2025-07-26T22:02:30Z","timestamp":1753567350000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-38557-5_24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031385568","9783031385575"],"references-count":54,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-38557-5_24","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"9 August 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 August 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 August 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"43","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"479","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"124","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"15","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}