A secure key registration system based on proactive secret-sharing scheme

We designed a secure key registration system based on the proactive secret-sharing scheme. A user can register important data, such as a session key, with a distributed system under a (t, n)-threshold scheme: the data can be recovered if t servers cooperate (equivalently, the data cannot be revealed unless t servers collude). The proactive scheme provides stronger security against an active adversary, because shares are periodically refreshed and an adversary must compromise t servers within a single refresh period. We designed the protocol to generate an implicit secret, to distribute shares of it, and to reconstruct the secret for proactive secret sharing without a dealer. We also developed a prototype of a data archiving service framework on the Internet. To allow users to access the system via a Web browser, we implemented the system on a PKI (public key infrastructure), with client/server authentication performed by means of X.509 certificates. We also used the publish/subscribe communication model for interaction between key management servers, because it makes it easy to implement the broadcast channels used in the share update phase.
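The dealer-less setup and the share update phase described above, as an added example in Python that is not the paper's own code: each server shares its own random value so the joint secret is implicit, and a refresh adds random zero-constant polynomials so shares from different periods cannot be combined. The field modulus, threshold and server count are constructed values for illustration.

```python
import secrets

P = (1 << 127) - 1   # constructed field modulus for the example (a Mersenne prime)

def eval_poly(coeffs, x):
    """Evaluate sum(coeffs[i] * x**i) mod P."""
    return sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P

def split(secret, t, n):
    """Plain Shamir (t, n) split: share i is f(i) for a random degree-(t-1) f, f(0) = secret."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t - 1)]
    return {i: eval_poly(coeffs, i) for i in range(1, n + 1)}

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over any t or more shares {x: y}."""
    total = 0
    for xi, yi in shares.items():
        num, den = 1, 1
        for xj in shares:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def generate_without_dealer(t, n):
    """Dealer-less setup: every server j splits its own random s_j among all n
    servers; server i's share is the sum of what it received, so the servers
    jointly hold the implicit secret sum(s_j) that no single party ever saw."""
    shares = {i: 0 for i in range(1, n + 1)}
    implicit = 0
    for _ in range(n):
        s_j = secrets.randbelow(P)
        implicit = (implicit + s_j) % P
        for i, y in split(s_j, t, n).items():
            shares[i] = (shares[i] + y) % P
    return shares, implicit   # implicit is returned only so a test can verify it

def refresh(shares, t):
    """Proactive share update without a dealer: each server j broadcasts shares of
    a random polynomial g_j with g_j(0) = 0, and every server adds what it got.
    The secret f(0) is unchanged, but old and new shares interpolate to garbage,
    so an adversary needs t shares from the same period."""
    new = dict(shares)
    for _ in shares:                                   # each server acts as sub-dealer
        g = [0] + [secrets.randbelow(P) for _ in range(t - 1)]   # zero constant term
        for i in shares:
            new[i] = (new[i] + eval_poly(g, i)) % P
    return new
```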
