Practical threshold signatures with linear secret sharing schemes
International Conference on Cryptology in Africa. AFRICACRYPT 2009: Progress in Cryptology
167 - 178
Item Usage Stats
Function sharing deals with the problem of distribution of the computation of a function (such as decryption or signature) among several parties. The necessary values for the computation are distributed to the participating parties using a secret sharing scheme (SSS). Several function sharing schemes have been proposed in the literature, with most of them using Shamir secret sharing as the underlying SSS. In this paper, we investigate how threshold cryptography can be conducted with any linear secret sharing scheme and present a function sharing scheme for the RSA cryptosystem. The challenge is that constructing the secret in a linear SSS requires the solution of a linear system, which normally involves computing inverses, while computing an inverse modulo φ(N) cannot be tolerated in a threshold RSA system in any way. The threshold RSA scheme we propose is a generalization of Shoup's Shamir-based scheme. It is similarly robust and provably secure under the static adversary model. At the end of the paper, we show how this scheme can be extended to other public key cryptosystems and give an example on the Paillier cryptosystem. © 2009 Springer Berlin Heidelberg.
Linear secret sharing
Public key cryptosystems
Secret sharing schemes
Public key cryptography
Published Version (Please cite this version)http://dx.doi.org/10.1007/978-3-642-02384-2_11
Showing items related by title, author, creator and subject.
Kaya, Kamer; Selçuk, Ali Aydın (Springer, 2008-12)In this paper, we investigate how to achieve verifiable secret sharing (VSS) schemes by using the Chinese Remainder Theorem (CRT). We first show that two schemes proposed earlier are not secure by an attack where the dealer ...
CAPSULE: Language and system support for efficient state sharing in distributed stream processing systems Losa, G.; Kumar, V.; Andrade, H.; Gedik, Buğra; Hirzel, M.; Soulé, R.; Wu, K. -L. (ACM, 2012)Data stream processing applications are often expressed as data flow graphs, composed of operators connected via streams. This structured representation provides a simple yet powerful paradigm for building large-scale, ...
Ozturk, O.; Kandemir, M.; Irwin, M. J. (The Institution of Engineering and Technology, 2010)One of the most important issues in designing a chip multiprocessor is to decide its on-chip memory organisation. While it is possible to design an application-specific memory architecture, this may not necessarily be the ...