Decentralizing Authorities into Scalable Strongest-Link Cothorities.

Online infrastructure often depends on security-critical authorities such as logging, time, and certificate services. Authorities, however, are vulnerable to the compromise of one or a few centralized hosts yielding weakest-link security. We propose collective authorities or cothorities, an architecture enabling thousands of participants to witness, validate, and co-sign an authorityu0027s public actions, with moderate delays and costs. Hosts comprising a cothority form an efficient communication tree, in which each host validates log entries proposed by the root, and contributes to collective log-entry signatures. These collective signatures are small and efficient to verify, while embodying strongest-link trust aggregated over the collective. We present and evaluate a prototype cothority implementation supporting logging, timestamping, and public randomness (lottery) functions. We find that cothorities can scale to support over 4000 widely-distributed participants while keeping collective signing latencies to within a few seconds.