Within a trust infrastructure, a private key is often used to digitally sign a transaction, which can be verified with the associated public key. Using PKI (Public Key Infrastructure), a trusted entity can produce a digital signature that verifies the authenticity of the public key. However, what happens when external entities are not trusted to verify the public key, or when there is no Internet connection within an isolated or autonomously acting collection of devices? For this, a trusted entity can be elected to generate a key pair and then split the private key amongst trusted devices. Each node can then sign part of the transaction using its share of the secret. The aggregated signature can then define agreement on a consensus within the infrastructure. Unfortunately, this process has two significant problems. The first is when no trusted node can act as a dealer of the shares. The second is the difficulty of scaling the digital signature scheme. This paper outlines a method of creating a leaderless approach to defining trust domains to overcome weaknesses in the scaling of the elliptic curve digital signature algorithm. Instead, it proposes using the Edwards curve digital signature algorithm for the definition of multiple trust zones. The paper shows that the computational overhead of the distributed key generation phase increases with the number of nodes in the trust domain but that the distributed signing has a relatively constant computational overhead.
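The leaderless idea described above can be illustrated with a dealerless, Shamir-style key generation over the Ed25519 scalar field. This is an added example, not the paper's protocol or code: the function names are hypothetical, share verification (commitments) is omitted, and the joint secret is reconstructed only to check the demo.

```python
import secrets

# Order of the Ed25519 prime-order subgroup; EdDSA scalars live in this field.
Q = 2**252 + 27742317777372353535851937790883648493

def poly_eval(coeffs, x):
    """Evaluate a polynomial (constant term first) at x, modulo Q."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc

def dealerless_keygen(n, t):
    """Each of n nodes picks its own random degree-(t-1) polynomial f_i and
    sends f_i(j) to node j. Node j's share is the sum of what it receives,
    so no single node (no dealer) ever holds the joint secret sum(f_i(0))."""
    polys = [[secrets.randbelow(Q) for _ in range(t)] for _ in range(n)]
    shares = {j: sum(poly_eval(p, j) for p in polys) % Q
              for j in range(1, n + 1)}
    # Computed here only so the demo can be checked; a real node cannot do this.
    joint_secret = sum(p[0] for p in polys) % Q
    return shares, joint_secret

def lagrange_at_zero(ids, i):
    """Lagrange coefficient for node i when interpolating at x = 0."""
    num = den = 1
    for j in ids:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def combine(subset):
    """Interpolate the shares in `subset` ({node_id: share}) at x = 0.
    Threshold signing applies the same coefficients to partial signatures
    instead, so the private key is never reassembled in one place."""
    ids = list(subset)
    return sum(subset[i] * lagrange_at_zero(ids, i) for i in ids) % Q

if __name__ == "__main__":
    shares, secret = dealerless_keygen(n=5, t=3)
    quorum = {i: shares[i] for i in (1, 3, 5)}
    print("3 of 5 shares recover the joint key:", combine(quorum) == secret)
    too_few = {i: shares[i] for i in (2, 4)}
    print("2 of 5 shares recover the joint key:", combine(too_few) == secret)
```

Every node sends one share to every other node during key generation, so that phase grows with the size of the trust domain, while combining always involves only a quorum of t contributions.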