Include Distributed/Threshold Key Derivation for Cat 1 Schemes?

[Matthias Geihs]

This message is to open the discussion around explicitly soliciting solutions for distributed key derivation in the call.

In comparison to distributed key generation, distributed key derivation allows a set of servers to deterministically derive user key shares from a constant-size secret-shared master key and a common public input such as the user's identity. This has applications to distributed key management scalability as user key shares need no longer be stored individually, but can be derived on demand from the constant-size master key. Moreover, key share refresh can happen by refreshing the shares of the single, constant-size master key instead of having to refresh the shares of each individual user key.

Would be curious to hear other opinions on that matter.

---

Dr. Matthias Geihs

(Senior Researcher and Engineer at Torus Labs / Web3Auth)