A new construction of threshold cryptosystems based on RSA

There are many ways to construct a threshold cryptosystem. Most often they are constructed by combining original public encryption schemes with methods such as Shamir's secret sharing. In this paper a new threshold cryptosystem based on RSA is presented, which is constructed from several RSA instances with chosen moduli and private keys. By computing the common private keys of some individual RSA instances and modifying the moduli, we combine those RSA instances into a new threshold cryptosystem (hereinafter called combined RSA for simplicity). First, it is proved that this system has security properties similar to those of the CRT-based (Chinese remainder theorem) threshold RSA while being convenient to implement, i.e., it needs modular multiplication only once for encryption and once for decryption. Although the new system theoretically has the same security strength as the CRT-based RSA, it gives adversaries fewer opportunities in practical applications, as there is only one step for encryption or decryption. Second, regarding complexity, since plain RSA is efficient, the combined RSA is also practical in computation. Therefore, if a plain RSA user wants to develop threshold decryption or threshold signatures more conveniently and more securely, the combined RSA would be suitable. Finally, an application of the combined RSA is provided in this paper to realize distributed data access control with collusion resistance.
