Secure Distributed Key Generation for Discrete-Log Based Cryptosystems

@article{Gennaro2006SecureDK,
  title={Secure Distributed Key Generation for Discrete-Log Based Cryptosystems},
  author={Rosario Gennaro and Stanislaw Jarecki and Hugo Krawczyk and Tal Rabin},
  journal={Journal of Cryptology},
  year={2006},
  volume={20},
  pages={51-83}
}
A Distributed Key Generation (DKG) protocol is an essential component of threshold cryptosystems required to initialize the cryptosystem securely and generate its private and public keys. In the case of discrete-log-based (dlog-based) threshold signature schemes (ElGamal and its derivatives), the DKG protocol is further used in the distributed signature generation phase to generate one-time signature randomizers (r = gk). In this paper we show that a widely used dlog-based DKG protocol… 
View on Springer
558 Citations
Highly Influential Citations
60
Background Citations
218
Methods Citations
160
Results Citations
7

558 Citations

Citation Type

Citation Type

Design Efficient Distributed Key Generation For Secure Network Applications over Cloud
TLDR
The HTDKG protocol is developed for secure in front of adaptive attackers through presenting the attacker model as well as communication model and is additionally proposed for the decrease the processing time and enhances the memory utilization by utilizing of KDC.
Distributed key generation protocol with a new complaint management strategy
TLDR
An extended version of Joint-Feldman DKG that ensures a uniform distribution of the generated keys and a DKG protocol with public channels that use a new strategy to manage complaints without revealing the shares of the secrets held by honest participants and that clearly identifies dishonest participants are presented.
Asynchronous Distributed Key Generation for Computationally-Secure Randomness, Consensus, and Threshold Signatures.
In this paper, we present the first Asynchronous Distributed Key Generation (ADKG) algorithm which is also the first distributed key generation algorithm that can generate cryptographic keys with a
Distributed protocols for digital signatures and public key encryption
TLDR
This thesis proposes the first generic construction of distributed verifiable random functions (DVRF) that do not impose assumptions on trusted generation of secret keys and whose outputs remain pseudorandom even in a presence of up to n − 1 corrupted servers.
Practical Asynchronous Distributed Key Generation
TLDR
The proposed ADKG protocol produces a field element as the secret and is thus compatible with off-the-shelf threshold cryptosystems, and can tolerate up to t < n/3 malicious nodes and have an expected O(κn) communication cost.
Soft-Timeout Distributed Key Generation for Digital Signature based on Elliptic Curve D-log for Low-Power Devices
TLDR
A threshold signature scheme based on Pedersen distributed key generation principle which is suitable for handheld devices and ad-hoc networks is proposed and the signature can be generated and verified efficiently.
Threshold and Revocation Cryptosystems via Extractable Hash Proofs
  • H. Wee
  • Computer Science, Mathematics
    EUROCRYPT
  • 2011
We present a new unifying framework for constructing noninteractive threshold encryption and signature schemes, as well as broadcast encryption schemes, and in particular, derive several new
Distributed key generation protocol with hierarchical threshold access structure
TLDR
This study considers the problem of DKG in groups with hierarchical structure where the authorised subsets can be defined by a hierarchical threshold access structure and proposes a verifiable hierarchical threshold secret sharing protocol that satisfies all the security requirements.
Distributed Key Generation in the Wild
TLDR
This work proposes a practical system model for the Internet and defines an efficient verifiable secret sharing (VSS) scheme in it and designs a provably secure DKG protocol, which is implemented and establishes its efficiency and reliability by extensively testing it on the PlanetLab platform.
Aggregatable Distributed Key Generation
TLDR
This paper introduces a distributed key generation (DKG) protocol with aggregatable and publicly-verifiable transcripts and proves the security of the aggregatable DKG as well as that of several existing DKGs, including the popular Pedersen variant.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 47 REFERENCES
Revisiting the Distributed Key Generation for Discrete-Log Based Cryptosystems
TLDR
The question whether some discrete-log based threshold cryptosystems remain secure when implemented using the more efficient DKG protocol of Pedersen, in spite of the fact that the adversary can skew the distribution of the secret key generated by this protocol is investigated.
Secure Distributed Key Generation for Discrete-Log Based Cryptosystems
TLDR
A distributed key generation protocol, that achieves optimal resiliency, can be used as a drop-in replacement for key generation modules as well as other components of threshold or proactive discrete-log based cryptosystems.
Adaptive Security for Threshold Cryptosystems
We present adaptively-secure efficient solutions to several central problems in the area of threshold cryptography. We prove these solutions to withstand adaptive attackers that choose parties for
Weakness in Some Threshold Cryptosystems
TLDR
It is shown that the n-out-of-n threshold undeniable signature scheme has an actual security of only 2-out of-n, and the discrete log based threshold signature schemes have a weakness in the key generation protocol.
Optimal-resilience proactive public-key cryptosystems
TLDR
A threshold function sharing scheme with proactive security for general functions with a "homomorphic property" (a class which includes all RSA variants and Discrete logarithm variants) and enables computation of the function by the servers assuring high availability, security and efficiency.
Adaptively secure distributed public-key systems
Efficient signature generation by smart cards
  • C. Schnorr
  • Computer Science, Mathematics
    Journal of Cryptology
  • 2004
TLDR
An efficient algorithm that preprocesses the exponentiation of a random residue modulo p is presented, which improves the ElGamal signature scheme in the speed of the procedures for the generation and the verification of signatures and also in the bit length of signatures.
Proactive public key and signature systems
Emerging applications like electronic commerce and secure communications over open networks have made clear the fundamental role of public key cryptography as a unique enabler for world-wide scale
Secure INtrusion-Tolerant Replication on the Internet
  • C. Cachin, J. Poritz
  • Computer Science
    Proceedings International Conference on Dependable Systems and Networks
  • 2002
TLDR
The implementation of SINTRA in Java is described and timing measurements are given for a test-bed of servers distributed over three continents, showing that extensive use of public-key cryptography does not impose a large overhead for secure coordination in wide-area networks.
A Threshold Cryptosystem without a Trusted Party (Extended Abstract)
In a threshold cryptosystem n members share the necret key of an organization such that k members (1 5 k 5 n) must cooperate in order to decipher a given uphertext. In this note it is shown how to
...
1
2
3
4
5
...