Eliminating Quadratic Slowdown in Two-Prime RSA Function Sharing

The nature of the RSA public modulus N as a composite of at least two secret large primes has always been considered a major obstacle to RSA function sharing without the help of a trusted dealer. The participating parties must agree on a suitable RSA modulus with no information revealed to them about its prime factors. An enormous number of trials must be performed before a suitable modulus is established. According to number theory, for a modulus of two ℓ-bit primes, the number of trials is on the order of O(ℓ²). Efforts have been made to reduce the quadratic slowdown in the generation process; however, most of these protocols allow the joint generation of a multi-prime RSA modulus (an RSA modulus with at least three prime factors), which is a drift from the standard. Other protocols require distributed primality tests over a shared secret modulus, which is an extensive task. In this paper, we introduce a simple yet efficient idea that allows two parties to jointly generate a two-prime RSA modulus with a running time complexity of O(ℓ). In our protocol, the distributed primality test is performed over a public modulus. Consequently, the expected running time is reduced from several days to only a few minutes. The protocol can be extended to the multiparty case. However, for clarity, in this paper we focus on the two-party case.
