chris-wood
commented
1 year ago Can you elaborate on this? I'm not sure how one converts shares to those that can be additively combined in this way.
Open armfazh opened 1 year ago
chris-wood
commented
1 year ago Can you elaborate on this? I'm not sure how one converts shares to those that can be additively combined in this way.
armfazh
commented
1 year ago See Section 3.2.7 of https://eprint.iacr.org/2020/1390 or Section 2,2 of FROST paper (https://eprint.iacr.org/2020/852)
chris-wood
commented
1 year ago Unless I'm misunderstanding something, those techniques are for converting additive shares into threshold shares, not the other way around.
Edit: I haven't worked out the math, but I suppose one could invert the process based on a quick look. So, is there a use case worth mentioning this property? If not, I don't think we should add it.
We might consider to cover the conversion of Shamir Secret shares to shares of an additive secret sharing.
(s1,...sN) -> (a1,..aN), such that the secret is a1+...+aN.
This technique can be hinted to the reader without any actual enforcement to be implemented in document.