(t+1,n) threshold and generalized DSS signatures without a trusted party

A (t,n) threshold signature scheme allows n members of a group to share a secret key such that any t members can create a valid group signature. Of course, any t members can compromise this system. However designing a (t,n) threshold signature scheme based on the Digital Signature Standard (DSS) is difficult if there is no trusted party to distribute the shares of the secret. Langford (1995) proposed a (t/sup 2/-t+1)-out-of-n threshold DSS signature scheme without a trusted party. It requires t/sup 2/-t+1 members to sign a document, but t members can conspire to destroy this scheme. Gennaro et al. (1996) improved that result by proposing a robust threshold DSS signature scheme which requires 2t+1 members in the signing procedure. This paper proposes a new method to reduce the number of signers to t+1. We also extend our scheme to a generalized case.

[1]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[2]  Narn-Yih Lee,et al.  Threshold-Multisignature Schemes where Suspected Forgery Implies Traceability of Adversarial Shareholders , 1994, EUROCRYPT.

[3]  Chi-Sung Laih,et al.  Generalized Threshold Cryptosystems , 1991, ASIACRYPT.

[4]  Hugo Krawczyk,et al.  Robust Threshold DSS Signatures , 1996, EUROCRYPT.

[5]  Susan K. Langford Threshold DSS Signatures without a Trusted Party , 1995, CRYPTO.

[6]  Thomas Hardjono,et al.  A Practical Digital Multisignature Scheme Based on Discrete Logarithms , 1992, AUSCRYPT.

[7]  Susan K. Langford Weakness in Some Threshold Cryptosystems , 1996, CRYPTO.

[8]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[9]  Yvo Desmedt,et al.  Shared Generation of Authenticators and Signatures (Extended Abstract) , 1991, CRYPTO.

[10]  Gustavus J. Simmons,et al.  A Protocol to Set Up Shared Secret Schemes Without the Assistance of a Mutualy Trusted Party , 1991, EUROCRYPT.

[11]  Keith M. Martin,et al.  Efficient Secret Sharing Without a Mutually Trusted Authority (Extended Abstract) , 1995, EUROCRYPT.

[12]  L. Harn Group-oriented (t, n) threshold digital signature scheme and digital multisignature , 1994 .

[13]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[14]  Tzonelih Hwang,et al.  Conspiracy Attacks on the Threshold RSA Signature Scheme , 1994, Cryptologia.

[15]  CORPORATE NIST The digital signature standard , 1992, CACM.

[16]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.