Paper 2010/207

Increased Resilience in Threshold Cryptography: Sharing a Secret with Devices That Cannot Store Shares

Koen Simoens, Roel Peeters, and Bart Preneel

Abstract

Threshold cryptography has been used to secure data and control access by sharing a private cryptographic key over different devices. This means that a minimum number of these devices, the threshold t+1, need to be present to use the key. The benefits are increased security, because an adversary can compromise up to t devices, and resilience, since any subset of t+1 devices is sufficient. Many personal devices are not suitable for threshold schemes, because they do not offer secure storage, which is needed to store shares of the private key. This article presents several protocols in which shares are stored in protected form (possibly externally). This makes them suitable for low-cost devices with a factory-embedded key, e.g., car keys and access cards. All protocols are verifiable through public broadcast, thus without private channels. In addition, distributed key generation does not require all devices to be present.

Note: Public key extraction phase of the DKG protocol was altered to a more efficient one

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
threshold cryptography
Contact author(s)
roel peeters @ esat kuleuven be
History
2010-08-17: revised
2010-04-19: received
See all versions
Short URL
https://ia.cr/2010/207
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2010/207,
      author = {Koen Simoens and Roel Peeters and Bart Preneel},
      title = {Increased Resilience in Threshold Cryptography: Sharing a Secret with Devices That Cannot Store Shares},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/207},
      year = {2010},
      url = {https://eprint.iacr.org/2010/207}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.