The Power of Proofs-of-Possession: Securing Multiparty Signatures Against Rogue-Key Attacks

Multiparty signature protocols need protection against rogue-key attacks, made possible whenever an adversary can choose its public key(s) arbitrarily. For many schemes, provable security has only been established under the Knowledge Of Secret Key (KOSK) assumption where the adversary is required to reveal the secret keys it utilizes. In practice, certifying authorities rarely require the strong proofs of knowledge of secret keys required to substantiate the KOSK assumption. Instead, Proofs Of Possession (POPs) are required and can be as simple as just a signature over the certificate request message. The authors propose a general registered key model, within which they can model both the KOSK assumption and in-use POP protocols.