Hermine is a FROST-like, partially non-interactive, post-quantum threshold scheme that keeps keys distributed, while providing advanced mechanisms to protect against correctness attacks and long-running adversaries.
Split authority into shards across independent operators. No monolithic private key.
Require threshold T participants to co-sign, keeping shards sealed.
Produce a Raccoon signature—no private key ever exists in a single place.
Hermine integrates desirable properties for deployment: two-round (partially non-interactive) signing, identifiable aborts, proactive refresh, and post-quantum security based on lattice assumptions.
Key generation is distributed, with no trusted dealer required. Shares can be refreshed periodically without changing the public key, which allows recovery from compromised shards.
Signing in two rounds: one preprocessing round, and a single message-dependent round, keeping latency minimal and predictable.
Misbehaving participants can be clearly identified on protocol failure, enabling efficient recovery without guesswork.
Built on standard lattice assumptions to align with NIST PQC standardisation.
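To make the proactive-refresh property concrete, the following added example (not Hermine's code, and not its lattice-based construction) uses plain Shamir sharing over a prime field as a stand-in: each holder adds a fresh sharing of zero, so the shared secret stays the same while shares from different epochs stop combining. Assumptions: the field modulus, the function names, and the single-dealer `deal` setup are illustrative only; Hermine itself needs no trusted dealer, and the unchanged secret stands in for the unchanged public key.

```python
import secrets

# Assumption: toy prime field (2**127 - 1 is prime), not Hermine's lattice arithmetic.
P = 2**127 - 1

def _eval(coeffs, x):
    """Evaluate a polynomial (constant term first) at x, mod P."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % P
    return y

def deal(secret, t, n):
    """Split `secret` into n shares such that any t of them reconstruct it."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t - 1)]
    return {i: _eval(coeffs, i) for i in range(1, n + 1)}

def refresh(shares, t):
    """One refresh epoch: every holder deals a sharing of zero, all holders add it."""
    new = dict(shares)
    for _dealer in shares:
        zero = [0] + [secrets.randbelow(P) for _ in range(t - 1)]
        for i in new:
            new[i] = (new[i] + _eval(zero, i)) % P
    return new

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over the given {index: share} subset."""
    total = 0
    for i, y_i in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + y_i * num * pow(den, -1, P)) % P
    return total

def demo():
    """Return (secret, value from 3 refreshed shares, value from mixed epochs)."""
    secret = secrets.randbelow(P)
    epoch0 = deal(secret, t=3, n=5)
    epoch1 = refresh(epoch0, t=3)
    same_epoch = reconstruct({i: epoch1[i] for i in (2, 4, 5)})
    # Two shares stolen before the refresh plus one stolen after it.
    mixed = reconstruct({1: epoch0[1], 2: epoch0[2], 3: epoch1[3]})
    return secret, same_epoch, mixed
```

In `demo()`, the three refreshed shares still yield the original secret, while two pre-refresh shares combined with one post-refresh share yield an unrelated value, which is why an adversary has to reach the threshold within a single epoch.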
For wallets that split keys across phones, laptops, and other devices. Threshold signatures protect against compromised or lost devices.
For HTTPS offload with CDNs: edge servers sign with shares, so no single machine holds the full key.
For Tor consensus signing: a small group of authorities uses threshold signatures to prevent any single authority from biasing the consensus.