STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Minimum disclosure proofs of knowledge
Journal of Computer and System Sciences - 27th IEEE Conference on Foundations of Computer Science October 27-29, 1986
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
Verifiable secret sharing and multiparty protocols with honest majority
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Designing programs that check their work
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Zero-knowledge undeniable signatures (extended abstract)
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
How to share a function securely
STOC '94 Proceedings of the twenty-sixth annual ACM symposium on Theory of computing
Robust sharing of secrets when the dealer is honest or cheating
Journal of the ACM (JACM)
Witness-based cryptographic program checking and robust function sharing
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
Communications of the ACM
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Convertible Undeniable Signatures
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Shared Generation of Authenticators and Signatures (Extended Abstract)
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Proofs that yield nothing but their validity and a methodology of cryptographic protocol design
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
A practical scheme for non-interactive verifiable secret sharing
SFCS '87 Proceedings of the 28th Annual Symposium on Foundations of Computer Science
Robust threshold DSS signatures
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Distributed provers with applications to undeniable signatures
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Randomness Required for Linear Threshold Sharing Schemes Defined over Any Finite Abelian Group
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Requirements for Group Independent Linear Threshold Secret Sharing Schemes
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
RSA-Based Undeniable Signatures for General Moduli
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Improved Methods to Perform Threshold RSA
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Threshold Cryptosystems Secure against Chosen-Ciphertext Attacks
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Fully Distributed Threshold RSA under Standard Assumptions
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Introduction to Secure Computation
Lectures on Data Security, Modern Cryptology in Theory and Practice, Summer School, Aarhus, Denmark, July 1998
Sharing Decryption in the Context of Voting or Lotteries
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
Adaptively-Secure Distributed Public-Key Systems
ESA '99 Proceedings of the 7th Annual European Symposium on Algorithms
Shared Generation of Random Number with Timestamp: How to Cope with the Leakage of the CA's Secret
PKC '99 Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography
Adaptive Security for the Additive-Sharing Based Proactive RSA
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Robust Forward-Secure Signature Schemes with Proactive Security
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Divisible On-Line/Off-Line Signatures
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Fair Threshold Decryption with Semi-Trusted Third Parties
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Fair threshold decryption with semi-trusted third parties
International Journal of Applied Cryptography
Threshold and revocation cryptosystems via extractable hash proofs
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
An ideal and robust threshold RSA
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
TATA: towards anonymous trusted authentication
iTrust'06 Proceedings of the 4th international conference on Trust Management
A fair and reliable p2p e-commerce model based on collaboration with distributed peers
IWDC'05 Proceedings of the 7th international conference on Distributed Computing
A robust coalition-resistant threshold signature scheme with anonymous signers
ISPA'05 Proceedings of the 2005 international conference on Parallel and Distributed Processing and Applications
An efficient implementation of a threshold RSA signature scheme
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Chord-PKI: A distributed trust infrastructure based on P2P networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
How to construct multicast cryptosystems provably secure against adaptive chosen ciphertext attack
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Threshold cryptography in mobile ad hoc networks
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Further simplifications in proactive RSA signatures
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Identity-Based access control for ad hoc groups
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Simplified threshold RSA with adaptive and proactive security
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
| Hi-index | 0.00 |
We present two efficient protocols which implement robust threshold RSA signature schemes, where the power to sign is shared by N players such that any subset of T or more signers can collaborate to produce a valid RSA signature on any given message, but no subset of fewer than T corrupted players can forge a signature. Our protocols are robust in the sense that the correct signature is computed even if up to T - 1 players behave in arbitrarily malicious way during the signature protocol. This in particular includes the cases of players that refuse to participate or that generate incorrect partial signatures. Our robust protocols achieve optimal resiliency as they can tolerate up to (N - 1)/2 faults, and their efficiency is comparable to the efficiency of the underlying threshold RSA signature scheme. Robust threshold signature schemes have very important applications, since they provide increased security and availability for a signing server (e.g. a certification authority or an electronic cash provider). Solutions for the case of the RSA signature scheme are especially important because of its widespread use. In addition, these techniques apply to shared RSA decryption as well, thus leading to efficient key escrow schemes for RSA. Our schemes are based on some interesting extensions that we devised for the information checking protocol of T. Rabin and Ben-Or [Rab94, RB89], and the undeniable signature work initiated by Chaum and van Antwerpen [CA90]. These extensions have some attractive properties, and hence are of independent interest.