# Simple and hardware friendly RSA threshold signatures

A \((n,t)\) threshold signature schemes allow splitting a key into \(n\) pieces, in such a way that at least \(t < n\) participants must jointly use their key shards in order to generate a valid signature.

Many techniques for RSA threshold signatures have been developed. Currently published techniques require either a trusted dealer, or use of a distributed key generation algorithm. In addition, the signers must perform a non-standard RSA signature; that is, signing a message with a private exponent which is not equal to \(e^{-1} \bmod n\). Both requirements prevent using standard hardware such as HSMs or smartcards to protect the key shards.

I discovered a technique for \(n\)-of-\(n\) RSA signatures where both keys and signatures can be computed using standard cryptographic hardware.