[Cryptography] gap diffie hellman threshold signatures.
James A. Donald
jamesd at echeque.com
Mon Aug 14 06:20:07 EDT 2017

Gap Diffie-Hellman threshold signatures, aka pairing based cryptography
threshold signatures.

I read: "Efficient threshold signature", by Alexandra Boldyreva

I read that to create a threshold public key from the public keys of
individual members of the group, any or all members of the group use
"the method of Gennaro" to create the threshold public key from their
individual public keys, and then to create the threshold
signature of some item any or all members of the group similarly create
it using "Using the well known techniques of Lagrange interpolation" on
a sufficient number of individual signatures of that item.

This is all Greek to me.

I understand how pairing based cryptography supports individual
signatures and blind signing, but not how it supports threshold
signatures and the green beard Masonic lodge secret handshake problem.

Can anyone point me to a more elementary explanation, or, better, much
better, some free source code that actually does threshold signatures
successfully using pairing based cryptography?

As you know, Bitcoin has dangerously few miners, subject to dangerously
few political authorities, and miner interests are insufficiently
aligned to currency user interests.

Seems to me the solution is to create a crypto currency that relies on
weight of stake, rather than weight of processing power. Such a
currency is equivalent to a crypto corporation, or rather the easily
traded shares of a crypto corporation. And independently of whether we
need yet another crypto currency, we need crypto corporations.

Hence my interest in threshold signatures that do not require a
"trusted" dealer.

Because of shareholder ignorance, and scaling law problems with enormous
thresholds, I envisage that ordinary shareholders, or rather the laptops
and cellphones of ordinary shareholders (wallets), would grant their
voting rights to a rather small number of board members (massive server
farms in the cloud). Every time you do a transaction through some web
server, the recipient of the shares (currency) by default revocably
grants his voting rights to whatever web server the recipient uses, thus
reducing the scale problem to a moderate number of large entities with
adequate connectivity and processing power. From time to time one board
member (server farm) is elected CEO (leader for the Paxos protocol). If
it goes down, loses connectivity, loses too many packets, or engages in
Byzantine deviation from the Paxos protocol (possibly as a result of
being raided by the cops for money laundering), they elect a new one
after twenty seconds or so.
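
Added example (not part of the original post, and not code from Boldyreva's paper): the "Lagrange interpolation on individual signatures" step, with a simplified dealerless key setup. Assumptions: a toy subgroup of squares modulo a small safe prime stands in for the pairing group, all function names are hypothetical, and the pairing-based verification and the share-verification rounds of a real distributed key generation are left out.

```python
import hashlib, secrets

# Toy parameters (constructed for illustration): safe prime P = 2*Q + 1.
# A real GDH scheme uses a pairing-friendly elliptic-curve group instead.
P, Q = 2039, 1019

def hash_to_group(msg: bytes) -> int:
    """Map a message to an element of the order-Q subgroup (squares mod P)."""
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return pow(2 + h % (P - 3), 2, P)

def poly_eval(coeffs, x):
    """Evaluate the polynomial with coefficients coeffs[0..t-1] at x, mod Q."""
    return sum(c * pow(x, k, Q) for k, c in enumerate(coeffs)) % Q

def dealerless_keygen(n, t):
    """Each of n members picks a random degree t-1 polynomial f_i and sends
    member j the value f_i(j); member j's key share is the sum received.
    No single party ever chooses or holds the group secret."""
    polys = [[secrets.randbelow(Q) for _ in range(t)] for _ in range(n)]
    shares = {j: sum(poly_eval(f, j) for f in polys) % Q for j in range(1, n + 1)}
    group_secret = sum(f[0] for f in polys) % Q  # computed here only for checking
    return shares, group_secret

def partial_sign(share, msg):
    """A member's signature share: H(m)^{x_j}."""
    return pow(hash_to_group(msg), share, P)

def lagrange_at_zero(j, ids):
    """Lagrange coefficient of index j for interpolation at 0, mod Q."""
    num = den = 1
    for m in ids:
        if m != j:
            num = num * (-m) % Q
            den = den * (j - m) % Q
    return num * pow(den, -1, Q) % Q

def combine(partials):
    """Interpolate in the exponent: prod sigma_j^{lambda_j} = H(m)^x."""
    ids = list(partials)
    sig = 1
    for j, s in partials.items():
        sig = sig * pow(s, lagrange_at_zero(j, ids), P) % P
    return sig
```

Any t signature shares combine to the same value H(m)^x that a holder of the whole secret x would produce, so the combined signature verifies against the single group public key exactly like an individual signature.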