Efficient Computation Modulo a Shared Secret with Application to the Generation of Shared Safe-Prime Products

We present a new protocol for efficient distributed computation modulo a shared secret. We further present a protocol to distributively generate a random shared prime or safe prime that is much more efficient than previously known methods. This allows one to distributively compute shared RSA keys, where the modulus is the product of two safe primes, much more efficiently than was previously known.

[1]  Ivan Damgård,et al.  Practical Threshold RSA Signatures without a Trusted Dealer , 2000, EUROCRYPT.

[2]  Jacques Stern,et al.  Fully Distributed Threshold RSA under Standard Assumptions , 2001, ASIACRYPT.

[3]  Shai Halevi,et al.  Computing Inverses over a Shared Secret Modulus , 2000, EUROCRYPT.

[4]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[5]  Shai Halevi,et al.  Secure Hash-and-Sign Signatures Without the Random Oracle , 1999, EUROCRYPT.

[6]  Dan Boneh,et al.  Experimenting with Shared Generation of RSA Keys , 1999, NDSS.

[7]  Hugo Krawczyk,et al.  Robust and Efficient Sharing of RSA Functions , 1996, CRYPTO.

[8]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[9]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 2000, TSEC.

[10]  Matthew K. Franklin,et al.  Joint Encryption and Message-Efficient Secure Computation , 1993, CRYPTO.

[11]  Matthew K. Franklin,et al.  Efficient generation of shared RSA keys , 2001, JACM.

[12]  Judit Bar-Ilan,et al.  Non-cryptographic fault-tolerant computing in constant number of rounds of interaction , 1989, PODC '89.

[13]  Moti Yung,et al.  Robust efficient distributed RSA-key generation , 1998, STOC '98.

[14]  Marc Joye,et al.  A Practical and Provably Secure Coalition-Resistant Group Signature Scheme , 2000, CRYPTO.

[15]  Matthew K. Franklin,et al.  Efficient Generation of Shared RSA Keys (Extended Abstract) , 1997, CRYPTO.

[16]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 1999, CCS '99.

[17]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[18]  R. K. Shyamasundar,et al.  Introduction to algorithms , 1996 .

[19]  Tal Rabin,et al.  A Simplified Approach to Threshold and Proactive RSA , 1998, CRYPTO.

[20]  Resear h LaboratoryCH Efficient Computation Modulo a Shared Secret with Application to the Generation of Shared Safe-Prime Products , 2002 .

[21]  Alfred V. Aho,et al.  The Design and Analysis of Computer Algorithms , 1974 .

[22]  Tal Rabin,et al.  Simplified VSS and fast-track multiparty computations with applications to threshold cryptography , 1998, PODC '98.

[23]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[24]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[25]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.