[Cryptography] gap Diffie-Hellman threshold signatures.

James A. Donald jamesd at echeque.com
Mon Aug 14 06:20:07 EDT 2017


Gap Diffie-Hellman threshold signatures, aka pairing based cryptography 
threshold signatures.

I read: "Efficient threshold signature", by Alexandra Boldyreva.

I read that to create a threshold public key from the public keys of 
individual members of the group, any or all members of the group use 
"the method of Gennaro" to create the threshold public key from their 
individual public keys, and then to create the threshold 
signature of some item any or all members of the group similarly create 
it using "Using the well known techniques of Lagrange interpolation" on 
a sufficient number of individual signatures of that item.

This is all Greek to me.

I understand how pairing based cryptography supports individual 
signatures and blind signing, but not how it supports threshold 
signatures and the green beard Masonic lodge secret handshake problem.

Can anyone point me to a more elementary explanation, or, better, much 
better, some free source code that actually does threshold signatures 
successfully using pairing based cryptography?

As you know, Bitcoin has dangerously few miners, subject to dangerously 
few political authorities, and miner interests are insufficiently 
aligned to currency user interests.

Seems to me the solution is to create a crypto currency that relies on 
weight of stake, rather than weight of processing power.  Such a 
currency is equivalent to a crypto corporation, or rather the easily 
traded shares of a crypto corporation.  And independently of whether we 
need yet another crypto currency, we need crypto corporations.

Hence my interest in threshold signatures that do not require a 
"trusted" dealer.

Because of shareholder ignorance, and scaling law problems with enormous 
thresholds, I envisage that ordinary shareholders, or rather the laptops 
and cellphones of ordinary shareholders (wallets), would grant their 
voting rights to a rather small number of board members (massive server 
farms in the cloud).  Every time you do a transaction through some web 
server, the recipient of the shares (currency) by default revocably 
grants his voting rights to whatever web server the recipient uses, thus 
reducing the scale problem to a moderate number of large entities with 
adequate connectivity and processing power.  From time to time one board 
member (server farm) is elected CEO (leader for the Paxos protocol).  If 
it goes down, loses connectivity, loses too many packets, or engages in 
Byzantine deviation from the Paxos protocol (possibly as a result of 
being raided by the cops for money laundering), they elect a new one 
after twenty seconds or so.
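
The Lagrange-interpolation step the post asks about, as an added example that is not part of the original message and is not code from the paper: members combine partial signatures H(m)^(x_i) "in the exponent", and the same routine combines public key shares g^(x_i). Assumptions: a constructed toy group with no pairing (so the real scheme's public verification is omitted), a simplified dealerless key generation without the commitment and complaint rounds a real protocol needs, and all function names are illustrative.

```python
import hashlib
import secrets

# Constructed toy group: order-Q subgroup of Z_P^* (P = 2Q + 1), generator G.
# Far too small for real use, and it has no pairing, so the public check
# e(sig, g) == e(H(m), pk) of the real scheme is not available here.
P, Q, G = 2039, 1019, 4

def deal(secret, t, n):
    """Shamir-share `secret`: random degree t-1 polynomial f, share i is f(i)."""
    coeffs = [secret] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def dealerless_keygen(t, n):
    """Each member deals its own random secret; member j sums what it receives.
    The group secret x (sum of all members' secrets) is never assembled."""
    dealings = [deal(secrets.randbelow(Q), t, n) for _ in range(n)]
    return {j: sum(d[j] for d in dealings) % Q for j in range(1, n + 1)}

def lagrange_at_zero(i, ids):
    """Coefficient lambda_i such that sum(lambda_i * f(i)) = f(0) mod Q."""
    num = den = 1
    for j in ids:
        if j != i:
            num, den = num * -j % Q, den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def hash_to_group(msg):
    """Map a message into the order-Q subgroup by squaring a hash value."""
    h = 2 + int.from_bytes(hashlib.sha256(msg).digest(), "big") % (P - 3)
    return pow(h, 2, P)

def partial_sign(share, msg):
    return pow(hash_to_group(msg), share, P)   # sigma_i = H(m)^(x_i)

def combine(parts):
    """Lagrange interpolation 'in the exponent' over {member id: group element}."""
    ids = list(parts)
    out = 1
    for i, elem in parts.items():
        out = out * pow(elem, lagrange_at_zero(i, ids), P) % P
    return out
```

With a 3-of-5 key from `dealerless_keygen(3, 5)`, any three partial signatures passed to `combine` yield the same group signature, and any three values `pow(G, share, P)` yield the same threshold public key.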

