Actively Secure Isogeny-based Multi-signature Scheme

Abstract

Multi-signatures are protocols used when multiple signers wish to produce a joint signature on the same message. They are principally used in blockchains. In this paper, we propose a multi-signature by extending the signature Commutative Supersingular Isogeny based Fiat-Shamir (CSI-FiSh) with Sharing-friendly Keys (CSI-SharK) signature scheme to a multi-signature. We use a non-interactive zero-knowledge proof system to make sure the signers make the required computations. Both the Key Aggregation and MultiSigning use a sub-protocol to allow signers to aggregate elliptic curves in a round-robin manner. We prove the resulting multi-signature protocol is actively secure in the random oracle model (ROM) by using the Double Forking Lemma Technique. We compare the resulting scheme to the most efficient isogeny-based threshold protocol and show that while our protocol lacks the robustness property, the multi-signature is more advantageous in a situation where a group of signers would want to recurrently output signatures. We also compare our multi-signature to two state of the art lattice-based multi-signatures, and show that by carefully choosing the parameters, our multi-signature is smaller by a significant factor. Finally, we implement our multi-signature scheme using C.