(2026-03) Adaptively Secure, Universally Composable Distributed Generation of Discrete-Logarithm Based Keys
2026-03-05
Distributed key generation (DKG) protocols enable a set of parties to distributively generate a threshold-shared key pair ((\mathsf{pk}, \mathsf{sk})), such that at least (t) parties must participate to reconstruct the secret. We introduce the first DKG protocol for discrete-logarithm based keys that are both universally composable and adaptively secure without erasure, inconsistent players, interactive assumptions, or oracle-aided simulation.
Our contributions are as follows: (1) an adaptively secure and universally composable DKG that achieves guaranteed output delivery in three rounds assuming an honest majority, (2) an adaptively secure and universally composable committed DKG that realizes our novel committed DKG functionality, tolerates a full corruption threshold, and achieves identifiable abort in two rounds, (3) an adaptively secure and universally composable committed DKG that achieves guaranteed output in three rounds assuming an honest majority, (4) as an application, an incredibly simple threshold Schnorr protocol in the committed DKG-hybrid model--implying an adaptively secure and universally composable threshold Schnorr protocol tolerating a full corruption threshold with identifiable abort in three rounds, and an adaptively secure and universally composable threshold Schnorr protocol for an honest majority with guaranteed output in four rounds.
Most importantly, our DKG constructions are secure in the random oracle model under the DDH assumption. Our output guarantees are proven under the assumption of synchrony. All existing synchronous DKG protocols for discrete-logarithm based keys satisfy weaker security notions or require stronger assumptions.