Thematic Area 3

Engineering Robust and Resilient Threshold Signatures and Scored Anonymous Credentials

Threshold signatures allow n parties to share a private key so that any t of them can jointly sign, eliminating single points of failure. They are critical for applications such as institutional cryptocurrency custody, securing DAOs, and protecting critical infrastructure like DNSSEC. Our work focuses on moving these primitives from theory to practice by addressing real-world challenges of fault tolerance and robustness.

Contribution

Thresholdizing ECDSA for “Real”

Stylized lock and distributed nodes

In Real Threshold ECDSA [WMYC@NDSS23], we solved a neglected but fundamental weakness in prior threshold ECDSA protocols: practical brittleness. Existing schemes fail if even one required participant in the pre-signing phase drops out or aborts, forcing a complete restart and enabling trivial denial-of-service attacks. Our protocol is the first to offer true t-out-of-n flexibility in all phases, tolerating up to n−t faults without restart. It includes efficient mechanisms to identify misbehaving parties, reconstruct missing components, and proceed without assuming an honest majority, making it suitable for adversarial environments. One year later [WMC@NDSS24], we proposed an alternative paradigm, further improving this result and extending applicability to BBS+ [ASMC@SystJ13].

Contribution

Scalable Anonymous Credentials with
Privacy-Preserving Reputation and Revocation

Abstract identity and reputation visualization

Our research on signatures also extends to anonymous credentials. A key innovation is the support for updatable attributes, enabling both reputation management and revocation ([MC@EuroSP23], [CMY@ACNS23]). This allows users to accumulate a reputation score issued by an issuer across different anonymous sessions, without revealing the exact score or linking the sessions. It enables secure and auditable handling of reputation traits or “credits” without global tracking, while still allowing the blocklisting of misbehaving anonymous users.

Additional Advances

Additional Advances

This research theme reflects a consistent focus on practical robustness: engineering protocols that survive network faults, delays, and malicious aborts. By bridging cryptographic theory and the realities of distributed systems, our work delivers tools that withstand the conditions in which they are most needed. Our works build on our earlier foundational work in cryptographic techniques for accountable privacy (e.g., [ZWC@CTRSA19]). Related to our threshold ECDSA project, we also provided a design and security blueprint for threshold variants of the EdDSA standard [WMYC@RAID23]. Rather than proposing yet another scheme, we distilled the principles, pitfalls, and best practices developers must follow to build secure, practical protocols, advancing the state of practice for the community. More recently, we have developed the first post-quantum secure batch anonymous tokens ([YCNWZW@PQCrypto25]), which can reduce the need for privacy-sensitive web users to solve excessive repeated CAPTCHA puzzles.

References

Selected Publications

  1. [YCNWZW@PQCrypto25] Yingfei Yan, Sherman S. M. Chow, Lucien K. L. Ng, Harry W. H. Wong, Yongjun Zhao, Baocang Wang.
    Batch Anonymous MAC Tokens from Lattices.
    International Conference on Post-Quantum Cryptography. (PQCrypto) 2025.
  2. [WMC@NDSS24] Harry W. H. Wong, Jack P. K. Ma, Sherman S. M. Chow.
    Secure Multiparty Computation of Threshold Signatures Made More Efficient.
    Network and Distributed System Security Symposium (NDSS) 2024.
  3. [WMYC@RAID23] Harry W. H. Wong, Jack P. K. Ma, Hoover H. F. Yin, Sherman S. M. Chow.
    How (Not) to Build Threshold EdDSA.
    International Symposium on Research in Attacks, Intrusions and Defenses (RAID) 2023.
  4. [MC@EuroSP23] Jack P. K. Ma, Sherman S. M. Chow.
    SMART Credentials in the Multi-queue of Slackness (or Secure Management of Anonymous Reputation Traits without Global Halting).
    IEEE European Symposium on Security and Privacy (EuroS&P) 2023.
  5. [CMY@ACNS23] Sherman S. M. Chow, Jack P. K. Ma, Tsz Hon Yuen.
    Scored Anonymous Credentials.
    Applied Cryptography and Network Security (ACNS) 2023.
  6. [WMYC@NDSS23] Harry W. H. Wong, Jack P. K. Ma, Hoover H. F. Yin, Sherman S. M. Chow.
    Real Threshold ECDSA.
    Network and Distributed System Security Symposium (NDSS) 2023.
  7. [ZWC@CTRSA19] Tao Zhang, Huangting Wu, Sherman S. M. Chow.
    Structure-Preserving Certificateless Encryption and Its Application.
    The Cryptographers' Track at the RSA Conference (CT-RSA) 2019.
  8. [ASMC@SystJ13] Man Ho Au, Willy Susilo, Yi Mu, Sherman S. M. Chow.
    Constant-Size Dynamic k-Times Anonymous Authentication.
    IEEE Systems Journal 2013.
Contact

Get in touch

Email: [firstname]@ie.cuhk.edu.hk