| Traditional centralized systems have absolute control over data when it comes to data sharing, which makes it difficult to ensure data integrity and availability. Decentralized systems, on the other hand, can effectively solve the issue of data ownership. Blockchain, as the core infrastructure of decentralized systems, faces the issue of “single point of failure” for users’ private keys. Currently, the commonly used solution is threshold signature schemes based on secure multi-party computation. However, these schemes face problems in synchronous communication, multi-account derivation, and key share management in practical applications. This paper presents a new method for asynchronous batch signature computation, which relies on a secure multi-party computation scheme to reduce computational load on nodes. Additionally, the paper designs a lightweight and secure communication framework using message queues, and proposes a novel account expansion method based on oblivious pseudorandom functions to address the multi-account expansion problem in multi-party signature schemes. The paper also introduces a data sharing system that employs blockchain threshold signatures and IPFS for data storage, proxy re-encryption for encryption sharing, and threshold signature schemes for account management. The proposed system utilizes the OPAQUE protocol to store private key shards for remote users, as well as SGX trusted execution environments and KMS envelope encryption for enhanced security. The paper confirms the effectiveness of the proposed threshold signature computation method by comparing it with other asynchronous batch processing methods. Additionally, the paper highlights the innovative features and advantages of the proposed system design by comparing it with existing key management applications. |