Kelsey, J.
and Lucks, S.
(2022),
Coalition and Threshold Hash-Based Signatures, Cryptology ePrint Archive, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=933491, https://eprint.iacr.org/2022/241
(Accessed October 6, 2025)
| CARVIEW |
Select Language
HTTP/2 200
date: Mon, 06 Oct 2025 22:03:21 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
cache-control: max-age=2764800, private
content-language: en
content-security-policy: default-src 'self'; script-src 'self' *.nist.gov js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net gov-bam.nr-data.net 'unsafe-inline' 'unsafe-eval' www.google-analytics.com *.googletagmanager.com platform.twitter.com https://player.vimeo.com static.cloudflareinsights.com https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline' *.nist.gov fonts.googleapis.com *.typekit.net; img-src 'self' 'unsafe-inline' data: *.nist.gov *.google-analytics.com *.googletagmanager.com cdnsecakmi.kaltura.com nist-el-nfrlhrr.s3.amazonaws.com https://cdn.jsdelivr.net/npm/leaflet-fullscreen@1.0.2/dist/fullscreen@2x.png https://cdn.jsdelivr.net/npm/leaflet-fullscreen@1.0.2/dist/fullscreen.png api.mapbox.com syndication.twitter.com https://h5p.org https://i.vimeocdn.com; media-src 'self' nist-el-nfrlhrr.s3.amazonaws.com; frame-src 'self' tube.nist.gov sts.nist.gov sts2.nist.gov *.kaltura.com *.youtube.com *.arcgis.com https://platform.twitter.com/ https://player.vimeo.com *.bluejeans.com https://vimeo.com/ https://time.gov/ login.nist.gov https://customer-ltx6ylk10sje63q6.cloudflarestream.com https://challenges.cloudflare.com; frame-ancestors 'self'; child-src 'self' blob: tube.nist.gov sts.nist.gov sts2.nist.gov *.kaltura.com *.youtube.com *.arcgis.com *.time.gov login.nist.gov; font-src 'self' *.nist.gov fonts.googleapis.com fonts.gstatic.com *.typekit.net data:; connect-src 'self' bam.nr-data.net bam-cell.nr-data.net gov-bam.nr-data.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com; report-uri /report-csp-violation; upgrade-insecure-requests
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Mon, 06 Oct 2025 22:03:21 GMT
strict-transport-security: max-age=31536000
surrogate-control: no-store, content="BigPipe/1.0"
vary: Cookie,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-cache: UNCACHEABLE (response policy)
x-frame-options: SAMEORIGIN
x-generator: Drupal 10 (https://www.drupal.org)
x-request-id: v-45c5380e-a300-11f0-92d5-f3800d5cd319
cf-cache-status: BYPASS
set-cookie: __cf_bm=2AL3FDNRMXSzvIII7H7e4R1M2TmUJAFOV7syyEX9NqY-1759788201-1.0.1.1-ZNEwo6p9DO3EWUYAo62Ur7xLSmh0uO5hqx69YUnzZ5JC_YmeGAb8.3l6eu58f5CtzF4zrlbT4ODO1xu1QWZnj5jb4PBoY4.t4mTkKeLfBKA; path=/; expires=Mon, 06-Oct-25 22:33:21 GMT; domain=.nist.gov; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=eP7yrFcerUzqtMS0A6wEWWFp6niP5tGrL25vHNG3t2Q-1759788201888-0.0.1.1-604800000; path=/; domain=.nist.gov; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 98a872c1ed8cf7fc-ORD
Coalition and Threshold Hash-Based Signatures | NIST
Skip to main content
NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.
Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.
An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
https://www.nist.gov/publications/coalition-and-threshold-hash-based-signatures
Coalition and Threshold Hash-Based Signatures
Published
Author(s)
John M. Kelsey, Stefan Lucks
Abstract
We show how to construct a threshold version of stateful hash-based signature schemes like those defined in XMSS (defined in RFC8391) and LMS (defined in RFC8554). Our techniques assume a trusted dealer and secure point-to-point communications; are efficient in terms of communications and computation; and require at least one party to have a large (but practical) amount of storage. We propose the addition of an untrusted Helper to manage the large storage required without being given access to any secret information. We prove the security of our schemes in a straightforward way, reducing their strength to that of the underlying hash-based signature scheme. Our schemes are quite practical, and substantially decrease the risk of accidental key reuse in hash-based signature schemes.Citation
Cryptology ePrint Archive
Volume
2022
Pub Weblink
Pub Type
Websites
Download Paper
Keywords
threshold cryptography, hash functions, hash-based signatures
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created February 25, 2022, Updated November 29, 2022