True academic, editing slides up to the last minute π
Happy to be presenting Golden at todayβs NY Crypto Day!
eprint.iacr.org/2025/1924
True academic, editing slides up to the last minute π
Happy to be presenting Golden at todayβs NY Crypto Day!
eprint.iacr.org/2025/1924
Spending the week in beautiful Okinawa at the OIST workshop on isogeny-based cryptography
03.02.2026 04:48 β π 1 π 0 π¬ 0 π 0One step closer- mapping execution flow from the interactive distinguisher Z and finally understanding the dummy adversary
23.01.2026 15:56 β π 4 π 0 π¬ 1 π 0My mom told me a quote today that my grandmother used to say after she would sign up for every free giveaway under the sun - βyou canβt win if you donβt play.β And I kind of love that mentality for trying something in the face of overwhelming possibility of failure - generally the case in research
22.01.2026 19:58 β π 2 π 0 π¬ 0 π 0Happy new year! One of my New Yearβs resolutions this year is to finally finish my gentle introduction to writing proofs in UC, for myself as well.. if anyone is interested in reviewing/contributing, please let me know! π
12.01.2026 16:42 β π 7 π 1 π¬ 1 π 1
Iβm at SBC and Simonβs for the next week, looking forward to seeing everyone!
Will be giving a talk on Thursday at Simonβs on our recent impossibility results on the adaptive security of threshold signatures- simons.berkeley.edu/talks/chelse...
Thank you!! Wow you are lucky
15.01.2025 04:46 β π 0 π 0 π¬ 0 π 02025: started out with Covid, got better, then relapsed into Covid π€¦ββοΈ
15.01.2025 00:39 β π 1 π 0 π¬ 2 π 0Back to blue sky and happy new year!!!
04.01.2025 16:31 β π 12 π 0 π¬ 0 π 0
After 3 years & 12 drafts, the RFC for FROST is complete! We hope this makes implementing FROST easier with fewer bugs π
Thank you to everyone who helped by reviewing FROST security, submitting comments, and implementing the draft, this was a team effort ππͺ
www.rfc-editor.org/rfc/rfc9591....
Awesome! Added to the list for next year :)
03.06.2024 15:05 β π 0 π 0 π¬ 0 π 0In Croatia? Have fun!! Hopefully Iβll make it one day π€
01.06.2024 15:54 β π 0 π 0 π¬ 1 π 0There's a mergesort step on page 12 that is costed at N log N. So I don't think this improves on Sam Jaques' eprint 2024/080 from a theoretical perspective. Nice implementation work though!
20.05.2024 16:25 β π 4 π 3 π¬ 0 π 0
Consider donating your eclipse glasses to Eclipse Glasses USA so schoolchildren in South America can use them in October. eclipse23.com/pages/donate...
08.04.2024 20:49 β π 928 π 737 π¬ 7 π 15
First podcast, check it out! :) zeroknowledge.fm/318-2/
05.04.2024 01:13 β π 12 π 5 π¬ 0 π 0
This is jaw-dropping, wild news and should be criminal
techcrunch.com/2024/03/26/f...
It's not a choice of one or the other.
Use the appendix, as an author, to make reviewers see the value of sticky reviews and make them more likely to ask chairs to turn them on!
Good point!
31.03.2024 18:02 β π 0 π 0 π¬ 0 π 0If you are on a PC for an IACR conference, consider reaching out to the PC chairs to request βsticky reviewsβ, to allow reviews from prior submissions to IACR conferences to be visible! Letβs make science better! πͺ
30.03.2024 20:25 β π 6 π 3 π¬ 0 π 0It is good to know you feel this way, as a potential future book-writer :)
30.03.2024 19:41 β π 1 π 0 π¬ 0 π 0Will do! Thanks Nigel π
30.03.2024 18:20 β π 1 π 0 π¬ 1 π 0Well, I would like this feature as a reviewer :)
30.03.2024 18:10 β π 0 π 0 π¬ 1 π 0Great to hear this is possible!! So it is just a matter of promoting it to be more of the norm π€
30.03.2024 18:03 β π 2 π 0 π¬ 1 π 0I wish conferences asked papers to submit feedback received from prior submission attempts and a discussion of how the authors improved the paper since thenβ¦ so much context is lost between submission attempts across different venues
30.03.2024 17:04 β π 7 π 1 π¬ 1 π 0
Thanks for the amazing time #RealWorldCrypto, fantastic talks and conversations as always! See you next year in Europe :)
29.03.2024 15:55 β π 8 π 0 π¬ 0 π 0
Changing my job title to βfancy cryptographerβ thanks #RealWorldCrypto
25.03.2024 15:11 β π 18 π 2 π¬ 1 π 0
Abstract. Threshold Schnorr signatures are seeing increased adoption in practice, and offer practical defenses against single points of failure. However, one challenge with existing randomized threshold Schnorr signature schemes is that signers must carefully maintain secret state across signing rounds, while also ensuring that state is deleted after a signing session is completed. Failure to do so will result in a fatal key-recovery attack by re-use of nonces. While deterministic threshold Schnorr signatures that mitigate this issue exist in the literature, all prior schemes incur high complexity and performance overhead in comparison to their randomized equivalents. In this work, we seek the best of both worlds; a deterministic and stateless threshold Schnorr signature scheme that is also simple and efficient. Towards this goal, we present Arctic, a lightweight two-round threshold Schnorr signature that is deterministic, and therefore does not require participants to maintain state between signing rounds. As a building block, we formalize the notion of a Verifiable Pseudorandom Secret Sharing (VPSS) scheme, and define Shine, an efficient VPSS construction. Shine is secure when the total number of participants is at least 2t β 1 and the adversary is assumed to corrupt at most t β 1; i.e., in the honest majority model. We prove that Arctic is secure under the discrete logarithm assumption in the random oracle model, similarly assuming at minimum 2t β 1 number of signers and a corruption threshold of at most t β 1. For moderately sized groups (i.e., when n β€ 20), Arctic is more than an order of magnitude more efficient than prior deterministic threshold Schnorr signatures in the literature. For small groups where n β€ 10, Arctic is three orders of magnitude more efficient.
Image showing part 2 of abstract.
Arctic: Lightweight and Stateless Threshold Schnorr Signatures (Chelsea Komlo, Ian Goldberg) ia.cr/2024/466
22.03.2024 21:42 β π 5 π 3 π¬ 0 π 0Hi Toronto! Looking forward to seeing everyone at #RealWorldCrypto π¨π¦
21.03.2024 00:30 β π 4 π 0 π¬ 0 π 0
I was asked today what the upper bound is on number of signers in threshold signature schemes used in practice today and I didnβt have a good answerβ¦
Iβm assuming consensus schemes are larger, but does anyone know of signing groups of > 20? That seems on the larger side
Apparently those leading the anti-diversity programs at US public universities believe βa healthy society requires patriarchyβ- why in 2023 are women with voices and brains considered to be such a threat www.nytimes.com/interactive/...
22.01.2024 11:03 β π 3 π 2 π¬ 0 π 0