Threshold Cryptography Technology and Standardization Process
Indexed in: OA; Peking University Core Journals (北大核心); CSTPCD
The development of information technology has intensified the diversity and complexity of information endpoints, making the security of individual endpoints more fragile. The demand for threshold cryptography, which can withstand a "single point of failure", has therefore grown significantly. This paper starts from the fundamental elements and framework of threshold cryptography, introducing the components and security definitions of threshold cryptography schemes, the multi-party joint secret generation techniques and threshold joint computation methods commonly used in their design, and the evaluation criteria for threshold cryptography schemes. It then summarizes the research progress on threshold schemes for different algorithms, aiming to highlight the research focus and progress in security and efficiency across these algorithms and their practical applications, and to acquaint readers with the latest trends in threshold cryptography research. Many threshold cryptography schemes are built on secret sharing, mostly of the simple additive or polynomial additive type. With this approach, the main problem in implementing threshold cryptography is the secure joint computation of products and inverses of secrets. Existing schemes mainly rely on heavyweight techniques such as homomorphic encryption to solve this problem, which lowers their efficiency. As security demands increase, the standardization of threshold cryptographic technology has garnered attention from many developed countries. Finally, the paper introduces the threshold cryptography standardization work of bodies such as the National Institute of Standards and Technology (NIST) and the Internet Engineering Task Force (IETF). Despite the proliferation of threshold cryptography algorithms and the rapid progress of standardization, industrial follow-up has been relatively slow. By contrast, the simpler (2,2) threshold signature scheme, also known as the cooperative signature scheme, has achieved mature application in industry, providing dependable security for software-based cryptography products.
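Jing Jiwu (荆继武); Zhang Shicong (张世聪); Wang Pingjian (王平建)
School of Cryptology, University of Chinese Academy of Sciences, Beijing 100190; School of Cryptology, University of Chinese Academy of Sciences, Beijing 100190 || Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100085
Computer Science and Automation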
threshold cryptosystem; threshold signature; threshold encryption; secret sharing
Journal of Cryptologic Research (《密码学报》), 2024 (001)
227-254 / 28
National Key Research and Development Program of China (2022YFB3103303)