(2026-01) From -textsf{TS-SUF-2} to -textsf{TS-SUF-4}; Practical Security Enhancements for -textsf{FROST2} Threshold Signatures
2026-01-17
Threshold signature schemes play a vital role in securing digital assets within blockchain and distributed systems. stands out as a practical threshold Schnorr signature scheme, noted for its efficiency and compatibility with standard verification processes. However, under the one-more discrete logarithm assumption, with static corruption and centralized key generation settings, has been shown by Bellare et al. (in CRYPTO 2022) to achieve only security, which is a consequence of its vulnerability to attacks.
In this paper, we address this security limitation by presenting two enhanced variants of : and
$\textsf{FROST2}\texttt{#}$, both achieving the security level under the same computational assumptions as the original . The first variant, , strengthens by integrating additional pre-processing token verifications that help mitigate and vulnerabilities while maintaining practical efficiency. We show that can achieve security not only under the same conditions as the original analysis, but also when initialized with a distributed key generation protocol such as . Building on these improvements, we identify optimization opportunities that lead to our second variant,$\textsf{FROST2}\texttt{#}$, which achieves security with enhanced computational efficiency by eliminating redundant calculations. Our benchmark shows that the performance of is comparable to while$\textsf{FROST2}\texttt{#}$is at least 3 times faster than .