(t+1,n) Threshold and Generalized DSS Signatures Without a Trusted Party

C. Wang & T. Hwang

A (t, n) threshold signature scheme allows n members of a group to share a secret key such that any t members can create a valid group signature. Of course, any t members can compromise this system. However, designing a (t,n) threshold signature scheme based on Digital Signature Standard (DSS) is difficult if there is no trusted party to distribute the shares of the secret.

At Crypto'95, a (t^2-t+1)-out-of-n threshold DSS signature scheme without a trusted party was proposed. It requires t^2-t+1 members to sign a document, but t members can conspire to destroy this scheme. At Crypto'96, Gennaro et. al. improved the above result to propose a robust threshold DSS signature scheme which requires 2t+1 members in the signing procedure. This paper proposes a new method to reduce the number of signers to t+1.