On the Security of Two-Round Multi-Signatures

Explore a critical analysis of two-round multi-signature schemes in this IEEE Symposium on Security & Privacy conference talk. Delve into the security vulnerabilities of popular schemes like BCJ, MWLD, CoSi, and MuSig, designed for large-scale decentralized trust applications. Discover why current techniques fail to prove these schemes secure, and learn about the subtle flaws in their published security proofs. Examine practical sub-exponential attacks that further demonstrate their insecurity. Finally, investigate mBCJ, a new variant of the BCJ scheme that offers provable security under the discrete-logarithm assumption in the random-oracle model, while maintaining scalability for large-scale deployments of up to 16,384 signers.

On the Security of Two-Round Multi-Signatures