CryptoDB
Unmasking TRaccoon: A Lattice-Based Threshold Signature with An Efficient Identifiable Abort Protocol
| Authors: |
|
|---|---|
| Download: | |
| Conference: | CRYPTO 2025 |
| Abstract: | TRaccoon is an efficient 3-round lattice-based $T$-out-of-$N$ threshold signature, recently introduced by del Pino et al.~(Eurocrypt~2024). While the design resembles the classical threshold Schnorr signature, \textsf{Sparkle} (Crites et al., Crypto~2023), one shortfall is that it has no means to identify malicious behavior, a property highly desired in practice. This is because to resist lattice-specific attacks, TRaccoon relies on a technique called \emph{masking}, informally blinding each partial signature with a one-time additive mask. del Pino et al. left it as an open problem to add a mechanism to identify malicious behaviors to TRaccoon. In this work, we propose TRaccoon-IA, a TRaccoon with an efficient \emph{identifiable abort} protocol, allowing to identify malicious signers when the signing protocol fails. The identifiable abort protocol is a simple add-on to TRaccoon, keeping the original design intact, and comes with an added communication cost of $(60 + 6.4\cdot \abs{T})$~KB \emph{only when signing fails}. Along the way, we provide the first formal security analysis of a variant of LaBRADOR~(Beullens et al., Crypto~2023) with zero-knowledge, encountering several hurdles when formalizing it in detail. Moreover, we give a new game-based definition for \emph{interactive} identifiable abort protocols, extending the popular game-based definition used to prove unforgeability of recent threshold signatures. |
BibTeX
@inproceedings{crypto-2025-35571,
title={Unmasking TRaccoon: A Lattice-Based Threshold Signature with An Efficient Identifiable Abort Protocol},
publisher={Springer-Verlag},
author={Rafael del Pino and Shuichi Katsumata and Guilhem Niot and Michael Reichle and Kaoru Takemure},
year=2025
}