True academic, editing slides up to the last minute π
Happy to be presenting Golden at todayβs NY Crypto Day!
eprint.iacr.org/2025/1924
21.02.2026 20:07
π 8
π 0
π¬ 1
π 0
True academic, editing slides up to the last minute π
Happy to be presenting Golden at todayβs NY Crypto Day!
eprint.iacr.org/2025/1924
Spending the week in beautiful Okinawa at the OIST workshop on isogeny-based cryptography
One step closer- mapping execution flow from the interactive distinguisher Z and finally understanding the dummy adversary
My mom told me a quote today that my grandmother used to say after she would sign up for every free giveaway under the sun - βyou canβt win if you donβt play.β And I kind of love that mentality for trying something in the face of overwhelming possibility of failure - generally the case in research
Happy new year! One of my New Yearβs resolutions this year is to finally finish my gentle introduction to writing proofs in UC, for myself as well.. if anyone is interested in reviewing/contributing, please let me know! π
Iβm at SBC and Simonβs for the next week, looking forward to seeing everyone!
Will be giving a talk on Thursday at Simonβs on our recent impossibility results on the adaptive security of threshold signatures- simons.berkeley.edu/talks/chelse...
Thank you!! Wow you are lucky
2025: started out with Covid, got better, then relapsed into Covid π€¦ββοΈ
Back to blue sky and happy new year!!!
After 3 years & 12 drafts, the RFC for FROST is complete! We hope this makes implementing FROST easier with fewer bugs π
Thank you to everyone who helped by reviewing FROST security, submitting comments, and implementing the draft, this was a team effort ππͺ
www.rfc-editor.org/rfc/rfc9591....
Awesome! Added to the list for next year :)
In Croatia? Have fun!! Hopefully Iβll make it one day π€
There's a mergesort step on page 12 that is costed at N log N. So I don't think this improves on Sam Jaques' eprint 2024/080 from a theoretical perspective. Nice implementation work though!
Consider donating your eclipse glasses to Eclipse Glasses USA so schoolchildren in South America can use them in October. eclipse23.com/pages/donate...
First podcast, check it out! :) zeroknowledge.fm/318-2/
This is jaw-dropping, wild news and should be criminal
techcrunch.com/2024/03/26/f...
It's not a choice of one or the other.
Use the appendix, as an author, to make reviewers see the value of sticky reviews and make them more likely to ask chairs to turn them on!
Good point!
If you are on a PC for an IACR conference, consider reaching out to the PC chairs to request βsticky reviewsβ, to allow reviews from prior submissions to IACR conferences to be visible! Letβs make science better! πͺ
It is good to know you feel this way, as a potential future book-writer :)
Will do! Thanks Nigel π
Well, I would like this feature as a reviewer :)
Great to hear this is possible!! So it is just a matter of promoting it to be more of the norm π€
I wish conferences asked papers to submit feedback received from prior submission attempts and a discussion of how the authors improved the paper since then⦠so much context is lost between submission attempts across different venues
Thanks for the amazing time #RealWorldCrypto, fantastic talks and conversations as always! See you next year in Europe :)
Changing my job title to βfancy cryptographerβ thanks #RealWorldCrypto
Abstract. Threshold Schnorr signatures are seeing increased adoption in practice, and offer practical defenses against single points of failure. However, one challenge with existing randomized threshold Schnorr signature schemes is that signers must carefully maintain secret state across signing rounds, while also ensuring that state is deleted after a signing session is completed. Failure to do so will result in a fatal key-recovery attack by re-use of nonces. While deterministic threshold Schnorr signatures that mitigate this issue exist in the literature, all prior schemes incur high complexity and performance overhead in comparison to their randomized equivalents. In this work, we seek the best of both worlds; a deterministic and stateless threshold Schnorr signature scheme that is also simple and efficient. Towards this goal, we present Arctic, a lightweight two-round threshold Schnorr signature that is deterministic, and therefore does not require participants to maintain state between signing rounds. As a building block, we formalize the notion of a Verifiable Pseudorandom Secret Sharing (VPSS) scheme, and define Shine, an efficient VPSS construction. Shine is secure when the total number of participants is at least 2t β 1 and the adversary is assumed to corrupt at most t β 1; i.e., in the honest majority model. We prove that Arctic is secure under the discrete logarithm assumption in the random oracle model, similarly assuming at minimum 2t β 1 number of signers and a corruption threshold of at most t β 1. For moderately sized groups (i.e., when n β€ 20), Arctic is more than an order of magnitude more efficient than prior deterministic threshold Schnorr signatures in the literature. For small groups where n β€ 10, Arctic is three orders of magnitude more efficient.
Image showing part 2 of abstract.
Arctic: Lightweight and Stateless Threshold Schnorr Signatures (Chelsea Komlo, Ian Goldberg) ia.cr/2024/466
Hi Toronto! Looking forward to seeing everyone at #RealWorldCrypto π¨π¦
I was asked today what the upper bound is on number of signers in threshold signature schemes used in practice today and I didnβt have a good answerβ¦
Iβm assuming consensus schemes are larger, but does anyone know of signing groups of > 20? That seems on the larger side
Apparently those leading the anti-diversity programs at US public universities believe βa healthy society requires patriarchyβ- why in 2023 are women with voices and brains considered to be such a threat www.nytimes.com/interactive/...