Adaptive Security for the Additive-Sharing Based Proactive RSA
نویسندگان
چکیده
Adaptive security has recently been a very active area of research. In this paper we consider how to achieve adaptive security in the additive-sharing based proactive RSA protocol (from Crypto97). This protocol is the most efficient proactive RSA protocol for a constant number of shareholders, yet it is scalable, i.e., it provides reasonable asymptotic efficiency given certain constraints on the corruption threshold. It is based on organizing the shareholders in a certain design (randomly generated, in the asymptotic case) of families of committees and establishing communications based on this organization. This structure is very different than polynomial-based proactive RSA protocols, and the techniques for achieving adaptive security for those protocols do not apply. Therefore, we develop new techniques for achieving adaptive security in the additive-sharing based proactive RSA protocol, and we present complete proofs of security.
منابع مشابه
Optimal Resilience Proactive Public-Key Cryptosystems
We introduce new eecient techniques for sharing cryptographic functions in a distributed dynamic fashion. These techniques dynamically and securely transform a distributed function (or secret sharing) representation between tout of -l (polynomial sharing) and tout of -t (additive sharing). We call the techniques poly-to-sum and sum-to-poly, respectively. Employing these techniques, we solve a n...
متن کاملFurther Simplifications in Proactive RSA Signatures
We present a new robust proactive (and threshold) RSA signature scheme secure with the optimal threshold of t < n/2 corruptions. The new scheme offers a simpler alternative to the best previously known (static) proactive RSA scheme given by Tal Rabin [36], itself a simplification over the previous schemes given by Frankel et al. [18, 17]. The new scheme is conceptually simple because all the sh...
متن کاملSimplified Threshold RSA with Adaptive and Proactive Security
We present the currently simplest, most efficient, optimally resilient, adaptively secure, and proactive threshold RSA scheme. A main technical contribution is a new rewinding strategy for analysing threshold signature schemes. This new rewinding strategy allows to prove adaptive security of a proactive threshold signature scheme which was previously assumed to be only statically secure. As a s...
متن کاملEfficient Dealer-Less Threshold Sharing of Standard RSA
In [15] an efficient two-party, two-prime RSA function sharing protocol was proposed. The protocol proves efficiency over previously proposed protocols. When the sharing of standard RSA is considered, the protocol is faster than ever. In this paper, under the assumption that the adversary has eavesdropping and halting capabilities, we propose an efficient extension to the protocol of [15]. Our ...
متن کاملAdaptively-Secure Optimal-Resilience Proactive RSA
When attacking a distributed protocol, an adaptive adversary may determine its actions (e.g., which parties to corrupt), at any time, based on its entire view of the protocol including the entire communication history. In this paper we are concerned with proactive RSA protocols, i.e., robust distributed RSA protocols that rerandomize key shares at certain intervals to reduce the threat of long-...
متن کامل