How to construct random functions
Journal of the ACM (JACM)
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
Fast asynchronous Byzantine agreement with optimal resilience
STOC '93 Proceedings of the twenty-fifth annual ACM symposium on Theory of computing
Asynchronous secure computation
STOC '93 Proceedings of the twenty-fifth annual ACM symposium on Theory of computing
Secure agreement protocols: reliable and atomic group multicast in rampart
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Asynchronous secure computations with optimal resilience (extended abstract)
PODC '94 Proceedings of the thirteenth annual ACM symposium on Principles of distributed computing
Proceedings of the nineteenth annual ACM symposium on Principles of distributed computing
Signature schemes based on the strong RSA assumption
ACM Transactions on Information and System Security (TISSEC)
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Asynchronous verifiable secret sharing and proactive cryptosystems
Proceedings of the 9th ACM conference on Computer and communications security
A Threshold Pseudorandom Function Construction and Its Applications
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Shared Generation of Authenticators and Signatures (Extended Abstract)
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A Simplified Approach to Threshold and Proactive RSA
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Optimal-resilience proactive public-key cryptosystems
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Number-theoretic constructions of efficient pseudo-random functions
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Robust and Efficient Sharing of RSA Functions
Journal of Cryptology
Collision-free accumulators and fail-stop signature schemes without trees
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Secure hash-and-sign signatures without the random oracle
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Computing inverses over a shared secret modulus
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Practical threshold signatures
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Distributed paillier cryptosystem without trusted dealer
WISA'10 Proceedings of the 11th international conference on Information security applications
| Hi-index | 0.00 |
This paper presents an efficient asynchronous protocol to compute RSA inverses with respect to a public RSA modulus N whose factorization is secret and shared among a group of parties. Given two numbers x and e, the protocol computes y such that ye≡x (mod N). A synchronous protocol for this task has been presented by Catalano, Gennaro, and Halevi (Eurocrypt 2000), but the standard approach for turning this into an asynchronous protocol would require a Byzantine-agreement sub-protocol. Our protocol adopts their approach, but exploits a feature of the problem in order to avoid the use of a Byzantine agreement primitive. Hence, it leads to efficient asynchronous protocols for threshold signatures and for Byzantine agreement based on the strong RSA assumption, without the use of random oracles.