UC-Secure Star DKG for Non-Exportable Key Shares with VSS-Free Enforcement
- URL: http://arxiv.org/abs/2602.22187v2
- Date: Thu, 05 Mar 2026 18:57:15 GMT
- Title: UC-Secure Star DKG for Non-Exportable Key Shares with VSS-Free Enforcement
- Authors: Vipin Singh Sehrawat
- Abstract summary: UC-secure Distributed Key Generation (DKG) lets parties derive a common public key while keeping the signing key secret-shared. We target the Non-eXportable Key (NXK) setting enforced by hardware-backed key-isolation modules. We construct Star DKG (SDKG) for multi-device threshold wallets where a designated service must co-sign but cannot sign alone.
- Score: 0.0
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: Distributed Key Generation (DKG) lets parties derive a common public key while keeping the signing key secret-shared. UC-secure DKG requires a verifiable-sharing enforcement layer -- classically satisfied via Verifiable Secret Sharing (VSS) and/or commitment-and-proof mechanisms -- for secrecy, uniqueness, and affine consistency. We target the Non-eXportable Key (NXK) setting enforced by hardware-backed key-isolation modules (e.g., TEEs, HSM-like APIs), formalized via an ideal KeyBox (keystore) functionality $\mathcal{F}_{KeyBox}$ that keeps shares non-exportable and permits only attested KeyBox-to-KeyBox sealing. With confidentiality delegated to the NXK boundary, the remaining challenge is enforcing transcript-defined affine consistency without exporting or resharing shares. State continuity rules out rewinding-based extraction, mandating straight-line techniques. We combine (i) KeyBox confidentiality; (ii) Unique Structure Verification (USV), a publicly verifiable certificate whose certified scalar never leaves the KeyBox yet whose public group element is transcript-derivable; and (iii) Fischlin-based UC-extractable NIZK arguments of knowledge in a gRO-CRP (global Random Oracle with Context-Restricted Programmability) model. We construct Star DKG (SDKG), a UC-secure scheme for multi-device threshold wallets where a designated service must co-sign but cannot sign alone, realizing a 1+1-out-of-$n$ star access structure (center plus any leaf) over roles (primary vs. recovery) with role-based device registration. In the $\mathcal{F}_{KeyBox}$-hybrid and gRO-CRP models, under DL and DDH assumptions with adaptive corruptions and secure erasures, SDKG UC-realizes a transcript-driven refinement of the standard UC-DKG functionality. Over a prime-order group of size $p$, SDKG incurs $\widetilde{O}(n\log p)$ communication overhead and $\widetilde{O}(n\log^{2.585}p)$ bit-operation cost.
Related papers
- Collusion-Resistant Quantum Secure Key Leasing Beyond Decryption [4.375194832711421]
We present a quantum-secure collusion-resistant tracing scheme called multi-level traitor tracing (MLTT).
We also present a compiler that transforms an MLTT scheme for a primitive X into a collusion-resistant SKL scheme for primitive X.
arXiv Detail & Related papers (2025-10-06T12:31:39Z)
- Auditable Early Stopping for Agentic Routing: Ledger-Verified Run-Wise Certificates under Local DP [0.0]
We address when a best-first router for tool-use agents can stop exploring without missing a better leaf.
We introduce a run-wise certificate that couples each node's key to the same exponential race that realizes leaf perturbations.
Experiments on synthetic graphs and a small real pipeline show tight stopping, deterministic replay, and low overhead.
arXiv Detail & Related papers (2025-09-09T01:25:09Z)
- A Compact Post-quantum Strong Designated Verifier Signature Scheme from Isogenies [0.0]
We present a novel isogeny-based Strong Designated Verifier Signature scheme.
It offers a compact, quantum-resistant alternative to existing SDVS constructions.
It achieves strong security guarantees: Strong Unforgeability under Chosen-Message Attacks (SUF-CMA), Non-Transferability (NT), and Privacy of Signer's Identity (PSI).
arXiv Detail & Related papers (2025-07-20T10:15:38Z)
- An Efficient Hybrid Key Exchange Mechanism [58.96805474751668]
CHOKE is a code-based hybrid key-encapsulation mechanism (KEM).
We show that the communication cost of our construction is optimal under the requirement that each KEM must be used at least once.
arXiv Detail & Related papers (2025-05-05T09:28:46Z)
- Federated Distributed Key Generation [0.0]
We introduce Federated Distributed Key Generation (FDKG) that makes participation optional and trust heterogeneous.
FDKG completes both generation and reconstruction in a single broadcast round each.
Our analysis shows that (i) generation ensures correctness, privacy, and robustness under standard PVSS-based DKG assumptions.
arXiv Detail & Related papers (2025-02-28T08:31:16Z)
- PKE and ABE with Collusion-Resistant Secure Key Leasing [5.5097304991439975]
We introduce collusion-resistant security for PKE-SKL (denoted as PKE-CR-SKL).
In this model, the adversary can adaptively obtain multiple quantum decryption keys and access a verification oracle.
The size of the public key and ciphertexts must remain independent of the total number of generated quantum decryption keys.
arXiv Detail & Related papers (2025-02-18T03:19:54Z)
- Coding-Based Hybrid Post-Quantum Cryptosystem for Non-Uniform Information [53.85237314348328]
We introduce for non-uniform messages a novel hybrid universal network coding cryptosystem (NU-HUNCC).
We show that NU-HUNCC is information-theoretically individually secure against an eavesdropper with access to any subset of the links.
arXiv Detail & Related papers (2024-02-13T12:12:39Z)
- On the Efficacy of Eviction Policy for Key-Value Constrained Generative Language Model Inference [40.789027180025286]
Large Language Models (LLMs) are notably cost-prohibitive to deploy in resource-constrained environments.
We introduce RoCo, a robust cache omission policy based on temporal attention scores and robustness measures.
We release EasyKV, a versatile software package dedicated to user-friendly key-value constrained generative inference.
arXiv Detail & Related papers (2024-02-09T09:20:59Z)
- Practical quantum secure direct communication with squeezed states [37.69303106863453]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.
This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z)
- Publicly-Verifiable Deletion via Target-Collapsing Functions [81.13800728941818]
We show that target-collapsing enables publicly-verifiable deletion (PVD).
We build on this framework to obtain a variety of primitives supporting publicly-verifiable deletion from weak cryptographic assumptions.
arXiv Detail & Related papers (2023-03-15T15:00:20Z)
- Quantum Proofs of Deletion for Learning with Errors [91.3755431537592]
We construct the first fully homomorphic encryption scheme with certified deletion.
Our main technical ingredient is an interactive protocol by which a quantum prover can convince a classical verifier that a sample from the Learning with Errors distribution in the form of a quantum state was deleted.
arXiv Detail & Related papers (2022-03-03T10:07:32Z)
- Security Limitations of Classical-Client Delegated Quantum Computing [54.28005879611532]
A client remotely prepares a quantum state using a classical channel.
Privacy loss incurred by employing $RSP_CC$ as a sub-module is unclear.
We show that a specific $RSP_CC$ protocol can replace the quantum channel at least in some contexts.
arXiv Detail & Related papers (2020-07-03T13:15:13Z)
This list is automatically generated from the titles and abstracts of the papers in this site.