(2026-04) Oriole; Adaptively Secure Partially Non-Interactive Threshold Signatures from Lattices
2026-04-22
We present the first lattice-based, partially non-interactive threshold signature scheme that tolerates the adaptive corruption of up to signers, where is the signing threshold. Our construction relies on the MSIS and MLWE assumptions, and has two rounds, of which only the second is message-dependent. We substantially improve upon prior adaptively secure lattice-based schemes (CRYPTO '24 and EUROCRYPT '26), which require at least two message-dependent rounds. Compared to prior lattice-based partially non-interactive assumptions (CRYPTO '24, S&P '25, CRYPTO '25), we achieve better communication complexity in addition to stronger security guarantees.