Binding ElGamal: A Fraud-Detectable Alternative to Key-Escrow Proposals

We propose a concept for a worldwide information security infrastructure that protects law-abiding citizens, but not criminals, even if the latter use it fraudulently (i.e. when not complying with the agreed rules). It can be seen as a middle course between the inflexible but fraud-resistant KMI-proposal [8] and the flexible but non-fraud-resistant concept used in TIS-CKE [2]. Our concept consists of adding binding data to the latter concept, which will not prevent fraud by criminals but makes it at least detectable by third parties without the need of any secret information. In [19], we depict a worldwide framework in which this concept could present a security tool that is flexible enough to be incorporated in any national cryptography policy, on both the domestic and foreign use of cryptography. Here, we present a construction for binding data for ElGamal type public key encryption schemes. As a side result we show that a particular simplification in a multiuser version of ElGamal does not affect its security.
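The abstract does not spell out the construction. As an added illustration (not the authors' code, and an assumption about how such binding data can be built), the Python sketch below encrypts one session key to two recipients with a shared ElGamal exponent and attaches a Fiat-Shamir equality-of-discrete-logs proof that anyone can check from public values alone. The toy group parameters, the function names and the two-recipient setup are assumptions made for the example.

```python
import hashlib
import secrets

# Toy parameters (constructed, far too small for real use): P = 2Q + 1,
# and G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    x = secrets.randbelow(Q - 1) + 1            # private key in [1, Q-1]
    return x, pow(G, x, P)

def challenge(*vals):
    # Fiat-Shamir challenge in [1, Q-1], derived from the public transcript.
    h = hashlib.sha256(",".join(map(str, vals)).encode()).digest()
    return 1 + int.from_bytes(h, "big") % (Q - 1)

def ratio(a, b):
    return a * pow(b, -1, P) % P

def encrypt(s, y_a, y_b, k):
    # Multi-recipient ElGamal: the same exponent k is used for both keys.
    return pow(G, k, P), s * pow(y_a, k, P) % P, s * pow(y_b, k, P) % P

def bind(y_a, y_b, ct, k):
    # Binding data: proof that log_G(C) == log_h(D) with h = y_a / y_b and
    # D = R_a / R_b, which holds only if both parts carry the same key s.
    c_el, r_a, r_b = ct
    h, d = ratio(y_a, y_b), ratio(r_a, r_b)
    w = secrets.randbelow(Q - 1) + 1
    a, b = pow(G, w, P), pow(h, w, P)
    c = challenge(G, h, c_el, d, a, b)
    return a, b, (w + c * k) % Q

def check(y_a, y_b, ct, proof):
    # Third-party check: public keys, ciphertext and proof only, no secrets.
    c_el, r_a, r_b = ct
    a, b, z = proof
    h, d = ratio(y_a, y_b), ratio(r_a, r_b)
    c = challenge(G, h, c_el, d, a, b)
    return (pow(G, z, P) == a * pow(c_el, c, P) % P
            and pow(h, z, P) == b * pow(d, c, P) % P)

def decrypt(x, c_el, r):
    return r * pow(c_el, -x, P) % P
```

A ciphertext whose second component hides a different key makes `D` differ from `h^k`, so the second verification equation in `check` fails and the mismatch is visible without decrypting anything.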

[1] Don Coppersmith, et al. Finding a Small Root of a Univariate Modular Equation, 1996, EUROCRYPT.

[2] Douglas R. Stinson, et al. Cryptography: Theory and Practice, 1995.

[3] Chris J. Mitchell, et al. A Proposed Architecture for Trusted Third Party Services, 1995, Cryptography: Policy and Algorithms.

[4] Telecommunications Board. Cryptography's Role in Securing the Information Society, 1996.

[5] Eric R. Verheul, et al. Binding cryptography - A fraud-detectible alternative to Key-Escrow proposals, 1997, Comput. Law Secur. Rev.

[6] Ronald Cramer, et al. A Secure and Optimally Efficient Multi-Authority Election Scheme (1), 2000.

[7] Taher El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms, 1984, IEEE Trans. Inf. Theory.

[8] David M. Balenson, et al. A new approach to software key escrow encryption, 1995.

[9] Michael Roe, et al. The GCHQ Protocol and Its Problems, 1997, EUROCRYPT.

[10] Torben P. Pedersen. Distributed Provers with Applications to Undeniable Signatures, 1991, EUROCRYPT.

[11] Jean-Jacques Quisquater, et al. A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory, 1988, EUROCRYPT.

[12] Johan Håstad, et al. On Using RSA with Low Exponent in a Public Key Network, 1985, CRYPTO.

[13] Lance J. Hoffman. Building in Big Brother, 1995, Springer New York.

[14] Peter Winkler, et al. A Key Escrow System with Warrant Bounds, 1995, CRYPTO.

[15] Herbert S. Lin, et al. Cryptography's Role in Securing the Information Society (Роль криптографии в защите информационного общества), 1996.

[16] David Chaum, et al. Wallet Databases with Observers, 1992, CRYPTO.

[17] Torben P. Pedersen. A Threshold Cryptosystem without a Trusted Party (Extended Abstract), 1991, EUROCRYPT.

[18] Yvo Desmedt, et al. Securing Traceability of Ciphertexts - Towards a Secure Software Key Escrow System (Extended Abstract), 1995, EUROCRYPT.

[19] Silvio Micali, et al. Fair Public-Key Cryptosystems, 1992, CRYPTO.