Threshold ECDSA

The ECDSA directory contains the code used for the benchmarks by Dalskov et al. *-ecdsa-party.cpp contains the high-level programs while the two phases are implemented in preprocessing.hpp and sign.hpp, respectively.

Compilation

  • Compile the binaries: make -j8 ecdsa

  • Or compile the static binaries: make -j8 ecdsa-static

Running

The following binaries are available, of which the first few have been used for the paper:

Protocol

Binary

MASCOT

mascot-ecdsa-party.x

Semi-honest OT

semi-ecdsa-party.x

Malicious Shamir

mal-shamir-ecdsa-party.x

Semi-honest Shamir

shamir-ecdsa-party.x

Malicious replicated

mal-rep-ecdsa-party.x

Semi-honest replicated

rep-ecdsa-party.x

ATLAS

atlas-ecdsa-party.x

SPDZ-wise replicated

sy-rep-ecdsa-party.x

Rep4

rep4-ecdsa-party.x

All binaries offer the same interface. With MASCOT for example, run the following:

./mascot-ecdsa-party.x -p 0 [-N <number of parties>] [-h <host of party 0>] [-D] [<number of prep tuples>]
./mascot-ecdsa-party.x -p 1 [-N <number of parties>] [-h <host of party 0>] [-D] [<number of prep tuples>]
...

-D activates delayed multiplication, deferring usage of the secret key until signing.

The number of parties defaults to 2 for OT-based protocols and to 3 for honest-majority protocols.

In addition, there is fake-spdz-ecsda-party.x, which runs only the online phase of SPDZ. You will need to run Fake-ECDSA.x beforehands and then distribute Player-Data/ECSDA to all parties.