Pairing Based Threshold Cryptography Improving on Libert-Quisquater and Baek-Zheng

In this paper we apply techniques from secret sharing and threshold decryption to show how to properly design an ID-based threshold system in which one assumes no trust in any party. In our scheme: – We avoid that any single machine ever knew the master secret s of the trusted authority (TA). Instead only shares of it will be known by parties of the distributed TA and it can be seen as a virtual key. –The threshold tTA and the number of shareholders nTA used by the distributed TA do not need to be identical to the ones used by user ID. Moreover, each user ID can use its own values for the threshold ti and the number of parties ni that will acquire shares. –No single machine will ever know the secret key of the user – this means no single machine in the distributed TA and no shareholder of the user ID and not ID itself. Like Baek and Zheng suggest, such a scheme can be turned into a mediated system.

[1]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[2]  Joonsang Baek,et al.  Identity-Based Threshold Decryption , 2004, Public Key Cryptography.

[3]  Torben P. Pedersen A Threshold Cryptosystem without a Trusted Party (Extended Abstract) , 1991, EUROCRYPT.

[4]  Dieter Gollmann,et al.  Key Escrow in Mutually Mistrusting Domains , 1996, Security Protocols Workshop.

[5]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[6]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[7]  Hugo Krawczyk,et al.  Secure Distributed Key Generation for Discrete-Log Based Cryptosystems , 1999, EUROCRYPT.

[8]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[9]  Joan Feigenbaum,et al.  Advances in Cryptology-Crypto 91 , 1992 .

[10]  Hugo Krawczyk,et al.  Adaptive Security for Threshold Cryptosystems , 1999, CRYPTO.

[11]  Kazuo Ohta,et al.  Advances in Cryptology — ASIACRYPT’98 , 2002, Lecture Notes in Computer Science.

[12]  Donald W. Davies,et al.  Advances in Cryptology — EUROCRYPT ’91 , 2001, Lecture Notes in Computer Science.

[13]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[14]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[15]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[16]  Matthew K. Franklin,et al.  Efficient Generation of Shared RSA Keys (Extended Abstract) , 1997, CRYPTO.

[17]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[18]  Matthew K. Franklin,et al.  Efficient generation of shared RSA keys , 2001, JACM.

[19]  Jean-Jacques Quisquater,et al.  Efficient revocation and threshold pairing based cryptosystems , 2003, PODC '03.

[20]  Gene Tsudik,et al.  Simple Identity-Based Cryptography with Mediated RSA , 2003, CT-RSA.

[21]  Marc Joye,et al.  Topics in Cryptology — CT-RSA 2003 , 2003 .

[22]  Robert H. Deng,et al.  Public Key Cryptography – PKC 2004 , 2004, Lecture Notes in Computer Science.

[23]  Moti Yung,et al.  Optimal-resilience proactive public-key cryptosystems , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[24]  Jacques Stern,et al.  Generation of Shared RSA Keys by Two Parties , 1998, ASIACRYPT.