A public key cryptosystem and a signature scheme based on discrete logarithms
Proceedings of CRYPTO 84 on Advances in cryptology
Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
How to withstand mobile virus attacks (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Forward-Secure Threshold Signature Schemes
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Adaptive Security for Threshold Cryptosystems
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
A Forward-Secure Digital Signature Scheme
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Forward-Secure Signatures with Optimal Signing and Verifying
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Identity-Based Encryption from the Weil Pairing
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Society and Group Oriented Cryptography: A New Concept
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Efficient Generation of Shared RSA Keys (Extended Abstract)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Efficient Generic Forward-Secure Signatures with an Unbounded Number Of Time Periods
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Adaptively-Secure Optimal-Resilience Proactive RSA
ASIACRYPT '99 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
A New Forward-Secure Digital Signature Scheme
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Threshold Cryptosystems Secure against Chosen-Ciphertext Attacks
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Adaptively-Secure Distributed Public-Key Systems
ESA '99 Proceedings of the 7th Annual European Symposium on Algorithms
An Efficient Two-Party Public Key Cryptosystem Secure against Adaptive Chosen Ciphertext Attack
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Robust Distributed Multiplicaton with out Interaction
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Adaptive Security in the Threshold Setting: From Cryptosystems to Signature Schemes
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
The random oracle methodology, revisited
Journal of the ACM (JACM)
Direct chosen ciphertext security from identity-based techniques
Proceedings of the 12th ACM conference on Computer and communications security
Forward-secure signatures with untrusted update
Proceedings of the 13th ACM conference on Computer and communications security
Dynamic Threshold Public-Key Encryption
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
An efficient threshold public key cryptosystem secure against adaptive chosen ciphertext attack
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Secure distributed key generation for discrete-log based cryptosystems
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Efficient multiparty computations secure against an adaptive adversary
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Practical threshold signatures
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Adaptively secure threshold cryptography: introducing concurrency, removing erasures
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
A forward-secure public-key encryption scheme
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
CCA2-secure threshold broadcast encryption with shorter ciphertexts
ProvSec'07 Proceedings of the 1st international conference on Provable security
Threshold public-key encryption with adaptive security and short ciphertexts
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Adaptively secure non-interactive threshold cryptosystems
ICALP'11 Proceedings of the 38th international conference on Automata, languages and programming - Volume Part II
Chosen ciphertext secure public key threshold encryption without random oracles
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
New techniques for dual system encryption and fully secure HIBE with short ciphertexts
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Chosen-ciphertext security of multiple encryption
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Hierarchical identity based encryption with constant size ciphertext
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Simplified threshold RSA with adaptive and proactive security
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Chosen-Ciphertext security from tag-based encryption
TCC'06 Proceedings of the Third conference on Theory of Cryptography
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Hi-index | 0.00 |
Threshold cryptography aims at enhancing the availability and security of decryption and signature schemes by splitting private keys into several (say n) shares (typically, each of size comparable to the original secret key). In these schemes, a quorum of at least (d≤n) servers needs to act upon a message to produce the result (decrypted value or signature), while corrupting less than d servers maintains the scheme's security. For about two decades, extensive study was dedicated to this subject, which created a number of notable results. So far, most practical threshold signatures, where servers act non-interactively, were analyzed in the limited static corruption model (where the adversary chooses which servers will be corrupted at the system's initialization stage). Existing threshold encryption schemes that withstand the strongest combination of adaptive malicious corruptions (allowing the adversary to corrupt servers at any time based on its complete view), and chosen-ciphertext attacks (CCA) all require interaction (in the non-idealized model) and attempts to remedy this problem resulted only in relaxed schemes. The same is true for threshold signatures secure under chosen-message attacks (CMA). It was open (for about 10 years) whether there are non-interactive threshold schemes providing the highest security (namely, CCA-secure encryption and CMA-secure signature) with scalable shares (i.e., as short as the original key) and adaptive security. This paper first surveys our ICALP 2011 work which answers this question affirmatively by presenting such efficient decryption and signature schemes within a unified algebraic framework. The paper then describes how to design on top of the surveyed system the first "forward-secure non-interactive threshold cryptosystem with adaptive security.