MPC ECDSA in Web Browser

This is a demonstration of ECDSA distributed key generation and signing protocols in a secure multi-party computation (MPC) setting. All computations are done only by browser Javascript. This is inspired by Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody, Y. Lindell et al, 2018. eprint, CCS'18, but in a more relaxed security.

MPC Setting

Secret Sharing

In this demo, Shamir Secret Sharing(SSS) is used for parties to have shares without revealing secret information, such as secret key of EC, nonce k in signing protocol. A prime field is used for polinomial computations. This is a k-out-of-n protocol for any n and k satisfy n <= 2k - 1, where n is the total number of parties, and k is the number of honest parties.

Security

This setting assumes Semi-Honest security model where all parties are expected to follow the protocols, but some of corrupted parties cooperate to reveal secret information. Therefore, it should not be used for real applications. If you need a Malicious model, please check the papers.

Demo

Instructions

• Go to demo page for party1, and open developer console to run Javascript code.
• Open party2, and party3 in different tabs. Now you open 3 tabs.
• Run demos.ecdsa.party() on each party's console.
• PublicKey, Message, Signature will show up in the outputs.
  • Public Key ... EC public key generated by MPC KeyGen protocol.
  • Message ... Message of the signature.
  • Signature ... ECDSA signature generated by MPC Sign protocol.
• Verify the signatrue using openssl.
  • Run openssl dgst -sha256 -verify {pubkey file} -signature {signature file} message.txt
  • You will see Verified OK!

Notes

• In this demo, parties use browser's LocalStorage to emulate p2p communications.
• It uses prime256v1 (secp256r1) curve.
• It uses Web Crypto API to generate random values, calculate sha256 hashes.
• It's tested only on Chrome.

Protocols

MPC ECDSA key generation / signing protocols consits of sub MPC protocols.

See protcols page for more details.

Development

Setup

yarn install

Test

yarn run test

Serve

yarn serve

This command runs a local http server, and builds asserts if there are changes on the code. Open http://localhost:9000/demo.html for demos.

Build

yarn run build

This command generates assets under dist dir.

LICENSE

MIT License

Acknowledgment

This work is supported by Prof. Fujisaki at JAIST.