Paper 2026/013

Efficient Threshold ML-DSA

Sofía Celi, Brave Research, University of Bristol
Rafaël del Pino, PQShield
Thomas Espitau, PQShield
Guilhem Niot, PQShield, Univ Rennes, CNRS, IRISA
Thomas Prest, PQShield
Abstract

Threshold signature schemes allow a group of users to jointly generate a digital signature, providing resilience against faults and enhancing decentralization. With the advent of post-quantum cryptography, lattice-based threshold signatures have gained attention as viable PQ-threshold solutions. Nevertheless, existing constructions are limited in terms of their scalability, robustness. Worse, none is compatible with standardized schemes, particularly with the NIST-selected and standardized Module-Lattice-based Digital Signature Algorithm (ML-DSA) algorithm. In this work, we present the first threshold signature scheme that is fully compatible with ML-DSA, supporting secure and efficient signing for a small number of parties, with an average communication per party upper bounded by 1 MB up to 6 parties. Our construction leverages advanced short secret sharing techniques and integrates optimized rejection sampling to achieve a favorable balance between communication efficiency and correctness in distributed environments. We implement our construction in Go and evaluate its performance across local, LAN, and WAN network settings. Our benchmarks demonstrate that our threshold ML-DSA scheme is not only practically deployable but also well-suited for real-world applications, including multi-device cryptocurrency wallets, threshold-based TLS authentication, and for Tor's directory authorities.

Note: This preprint supersedes the preprint 2025/1166 containing an earlier version of this work.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Major revision. USENIX Security '26
Keywords
threshold signaturesML-DSAlattice-based cryptography
Contact author(s)
cherenkov @ riseup net
rafael del pino @ pqshield com
thomas espitau @ pqshield com
guilhem niot @ pqshield com
thomas prest @ pqshield com
History
2026-01-09: approved
2026-01-05: received
See all versions
Short URL
https://ia.cr/2026/013
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2026/013,
      author = {Sofía Celi and Rafaël del Pino and Thomas Espitau and Guilhem Niot and Thomas Prest},
      title = {Efficient Threshold {ML}-{DSA}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/013},
      year = {2026},
      url = {https://eprint.iacr.org/2026/013}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.