AI Summary
Existing TPM-based multisignature schemes require real-time interaction among participants during the commitment phase, which causes high communication overhead, synchronization bottlenecks, and protocol failure when a device faults; these problems are especially acute in cross-device settings. This work proposes PiTPM, the first framework for TPM-based multisignatures that eliminates inter-participant interaction by using an aggregator to securely store a pre-shared random seed. Combining Schnorr multisignatures with a hybrid trust architecture, PiTPM derives the global commitment deterministically, without any communication among signers. The scheme produces constant-size signatures independent of the number of participants and is proven EU-CMA secure in the random oracle model under the discrete logarithm assumption. Experimental evaluation shows that PiTPM significantly improves both efficiency and robustness.
Abstract
Trusted Platform Module (TPM) 2.0 devices provide efficient hardware-based cryptographic security through tamper-resistant key storage and computation, making them ideal building blocks for multi-party signature schemes in distributed systems. However, existing TPM-based multi-signature constructions suffer from a fundamental limitation: they require interactive protocols in which all participants must coordinate during the commitment phase before any signature can be computed. This interactive requirement creates several critical problems, including synchronization bottlenecks, quadratic communication complexity, and aborted protocols when a participant fails. These limitations are particularly acute for applications that require cross-device cryptographic operations. This paper presents PiTPM, an aggregator framework built on Schnorr signatures. Our protocol eliminates the interactive requirement through a hybrid trust architecture: pre-shared randomness seeds are stored securely in an aggregator, enabling deterministic computation of global commitments without inter-participant communication. The resulting signatures are of constant size regardless of the number of signers. Our experimental results point to a possible paradigm shift in TPM-based cryptographic system design, demonstrating that hybrid trust architectures can achieve significant performance improvements while maintaining rigorous security guarantees. We provide a comprehensive formal security analysis proving EU-CMA security under the discrete logarithm assumption in the random oracle model.
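The following is an added toy model of the aggregator-driven flow the abstract describes; it is illustrative Python written for this page, not PiTPM's code, and its details are assumptions rather than the paper's construction. It assumes each signer i holds a secret key x_i and a per-signer seed k_i, that the aggregator holds a copy of every k_i (the "hybrid trust" part), that nonces are derived as r_i = H(k_i, counter) so no commitment round is needed, and that keys are aggregated MuSig-style with coefficients a_i = H(L, X_i) to block rogue-key attacks. The curve (secp256k1), hash (SHA-256) and the `Signer`/`Aggregator` names are likewise assumptions.

```python
import hashlib

# secp256k1 parameters; pure-Python affine arithmetic, for illustration only
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant time)."""
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def enc(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def h_int(tag, *parts):
    """Domain-separated SHA-256, reduced mod the group order."""
    return int.from_bytes(hashlib.sha256(tag + b"".join(parts)).digest(), "big") % N


def derive_nonce(seed, counter):
    """Assumed derivation r = H(seed, counter). The counter must never repeat."""
    return h_int(b"nonce", seed, counter.to_bytes(8, "big"))


class Signer:
    """One TPM-backed signer; it never talks to the other signers."""
    def __init__(self, x, seed):
        self.x, self.seed = x % N, seed
        self.pub = ec_mul(self.x, G)

    def partial_sign(self, counter, c, a_i):
        return (derive_nonce(self.seed, counter) + c * a_i * self.x) % N


class Aggregator:
    """Holds all public keys and seeds; builds R and the final signature alone."""
    def __init__(self, pubs, seeds):
        self.seeds = seeds
        L = b"".join(enc(p) for p in pubs)
        self.coeffs = [h_int(b"agg", L, enc(p)) for p in pubs]  # rogue-key defence
        self.X = None
        for a, p in zip(self.coeffs, pubs):
            self.X = ec_add(self.X, ec_mul(a, p))

    def global_commitment(self, counter):
        R = None
        for seed in self.seeds:  # no round trip: every r_i is recomputed locally
            R = ec_add(R, ec_mul(derive_nonce(seed, counter), G))
        return R

    def sign(self, signers, msg, counter):
        R = self.global_commitment(counter)
        c = h_int(b"chal", enc(R), enc(self.X), msg)
        s = sum(sg.partial_sign(counter, c, a) for sg, a in zip(signers, self.coeffs)) % N
        return (R, s)  # one point plus one scalar, whatever len(signers) is


def verify(X, msg, sig):
    """Ordinary Schnorr verification against the aggregate key X."""
    R, s = sig
    c = h_int(b"chal", enc(R), enc(X), msg)
    return ec_mul(s, G) == ec_add(R, ec_mul(c, X))


def recover_key_from_counter_reuse(s1, c1, s2, c2, a_i):
    """Two partial signatures under the same nonce but different challenges
    leak the key: x_i = (s1 - s2) / (a_i * (c1 - c2))."""
    return (s1 - s2) * pow(a_i * (c1 - c2) % N, -1, N) % N


def demo(n_signers=3):
    # Constructed keys and seeds; a real deployment keeps x_i inside the TPM.
    signers = [Signer(h_int(b"key", bytes([i])), hashlib.sha256(b"seed%d" % i).digest())
               for i in range(n_signers)]
    agg = Aggregator([s.pub for s in signers], [s.seed for s in signers])
    msg = b"attest: platform-state-ok"
    sig = agg.sign(signers, msg, counter=1)
    ok = verify(agg.X, msg, sig)
    # Failure mode: counter 1 reused for a second message lets anyone recover x_0.
    c1 = h_int(b"chal", enc(sig[0]), enc(agg.X), msg)
    c2 = h_int(b"chal", enc(sig[0]), enc(agg.X), b"other message")
    leaked = recover_key_from_counter_reuse(
        signers[0].partial_sign(1, c1, agg.coeffs[0]), c1,
        signers[0].partial_sign(1, c2, agg.coeffs[0]), c2, agg.coeffs[0])
    return ok, leaked == signers[0].x
```

Two points the model makes concrete. First, the signature is `(R, s)` for any number of signers, and a verifier only needs the aggregate key, which is the constant-size property the abstract claims. Second, the trust split is real: in this model the aggregator knows every `r_i`, so from a partial signature `s_i` it could compute `x_i = (s_i - r_i) / (c * a_i)`, and any signer that reuses a counter hands its key to whoever sees two partial signatures, as `recover_key_from_counter_reuse` shows. How PiTPM itself binds nonces to sessions and what the aggregator is and is not trusted with is for the paper's protocol section to settle; this sketch only shows why those choices matter.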