STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Secret sharing homomorphisms: keeping shares of a secret secret
Proceedings on Advances in cryptology---CRYPTO '86
Completeness theorems for non-cryptographic fault-tolerant distributed computation
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Multiparty unconditionally secure protocols
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
Minimum-knowledge interactive proofs for decision problems
SIAM Journal on Computing
How to share a function securely
STOC '94 Proceedings of the twenty-sixth annual ACM symposium on Theory of computing
Perfect Homomorphic Zero-Knowledge Threshold Schemes over any Finite Abelian Group
SIAM Journal on Discrete Mathematics
Communications of the ACM
A Signature with Shared Verification Scheme
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Multiplicative Non-abelian Sharing Schemes and their Application to Threshold Cryptography
ASIACRYPT '94 Proceedings of the 4th International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
The design and implementation of a secure auction service
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Hi-index | 0.00 |
Franklin and Reiter introduced at Eurocrypt '95 verifiable signature sharing, a primitive for a fault tolerant distribution of signature verification. They proposed various practical protocols. For RSA signatures with exponent e = 3 and n processors their protocol allows for up to (n - 1)/5 faulty processors (in general (n - 1)/(2 + e)). We consider a new unifying approach which uses homomorphisms of secret sharing schemes, and present a verifiable signature sharing scheme for which as many as (n - 1)/3 processors can be faulty (for any value of e), and for which the number of interactions is reduced.