Paper 2025/675

Trilithium: Efficient and Universally Composable Distributed ML-DSA Signing

Antonín Dufka, Cybernetica (Estonia)
Semjon Kravtšenko, Cybernetica (Estonia)
Peeter Laud, Cybernetica (Estonia)
Nikita Snetkov, Cybernetica (Estonia), Tallinn University of Technology
Abstract

In this paper, we present Trilithium: a protocol for distributed key generation and signing compliant with FIPS 204 (ML-DSA). Our protocol allows two parties, "server" and "phone", with the assistance of a correlated randomness provider (CRP), to produce a standard ML-DSA signature. We prove our protocol to be secure against a malicious server or phone in the universal composability (UC) model, introducing some novel techniques to argue the security of two-party secure computation protocols with active security against one party, but only active privacy against the other. We provide an implementation of our protocol in Rust and benchmark it, showing the practicality of the protocol.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
ML-DSA, Crystals-Dilithium, distributed signing, MPC, Universal Composability, threshold signatures
Contact author(s)
antonin dufka @ cyber ee
semjon kravtsenko @ cyber ee
peeter laud @ cyber ee
nikita snetkov @ cyber ee
History
2025-04-16: revised
2025-04-14: received
Short URL
https://ia.cr/2025/675
License
Creative Commons Attribution-NonCommercial-NoDerivs
CC BY-NC-ND

BibTeX

@misc{cryptoeprint:2025/675,
      author = {Antonín Dufka and Semjon Kravtšenko and Peeter Laud and Nikita Snetkov},
      title = {Trilithium: Efficient and Universally Composable Distributed {ML}-{DSA} Signing},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/675},
      year = {2025},
      url = {https://eprint.iacr.org/2025/675}
}