Author: Natanael 2014-03-08 18:15:47
Published on: 2014-03-08T18:15:47+00:00
The conversation thread discusses limitations of ECDSA and explores alternatives for creating a signature with a + b, where P = aG, Q = bG, and R = P + Q = (a+b)G. Secure multi-party computation algorithms can accomplish this, but they are not the fastest and require both parties to be online at the same time. A two-step algorithm that can be performed asynchronously would be preferable. The k^-1 term in ECDSA makes a direct multiparty signature quite difficult, while Schnorr sigs can achieve it. The conversation also touches upon the idea of using a hash of the other party's public key as a means of ensuring the public key is not chosen based on the one presented by the individual.
Updated on: 2023-06-08T03:54:38.872433+00:00