Abstract
-
Fail-stop signatures provide security for a sender against a forger with unlimited computational power. In this paper we present a fail-stop signature scheme based on discrete logarithm problem for elliptic curves and then show that the signing process can be distributed among a group of senders to obtain a threshold signature scheme. The threshold signature scheme has a cheater detection property and allows the combiner to detect a sender who is submitting false shares. We will show that our fail-stop signature scheme works in the two commonly used models of signature schemes, with or without a trusted authority.