(2026-01) Hardware-Friendly Robust Threshold ECDSA in an Asymmetric Model
2026-01-21
We propose Asymmetric Robust Threshold ECDSA (ART-ECDSA), a robust and hardware-friendly threshold ECDSA protocol designed for asymmetric settings where one participant is a resource-constrained hardware device. The scheme achieves full robustness and cheater identification while minimizing the computational and communication burden on the hardware signer. Our design leverages Castagnos–Laguillaumie (CL) homomorphic encryption to replace Paillier-based operations and remove costly range proofs, yielding compact ciphertexts and simple zero-knowledge proofs. All heavy multiparty computations, including multiplicative-to-additive (MtA) conversions and distributed randomness generation, are offloaded to online cosigners, allowing the hardware party to remain lightweight. ART-ECDSA provides an efficient asymmetric signing protocol with formal security proofs in the UC framework, achieving both robustness and hardware efficiency within a single design. Our implementation on an ARM Cortex-M7 microcontroller (400 MHz, 3 MB Flash, 2 MB SRAM) shows that the hardware party performs only lightweight computation (50 ms in presigning and ≤ 10 s in signing) and transmits about 300 Bytes and 3 KB in each phase, which easily fits within the bandwidth limits of BLE and NFC. These results demonstrate that ART-ECDSA is practical for cold-storage and embedded hardware environments without compromising security.