Paper 2010/207
Increased Resilience in Threshold Cryptography: Sharing a Secret with Devices That Cannot Store Shares
Koen Simoens, Roel Peeters, and Bart Preneel
Abstract
Threshold cryptography has been used to secure data and control access by sharing a private cryptographic key over different devices. This means that a minimum number of these devices, the threshold $t+1$, need to be present to use the key. The benefits are increased security, because an adversary can compromise up to $t$ devices, and resilience, since any subset of $t+1$ devices is sufficient. Many personal devices are not suitable for threshold schemes, because they do not offer secure storage, which is needed to store shares of the private key. This article presents several protocols in which shares are stored in protected form (possibly externally). This makes them suitable for low-cost devices with a factory-embedded key, e.g., car keys and access cards. All protocols are verifiable through public broadcast, thus without private channels. In addition, distributed key generation does not require all devices to be present.
Note: Public key extraction phase of the DKG protocol was altered to a more efficient one
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- threshold cryptography
- Contact author(s)
- roel peeters @ esat kuleuven be
- History
- 2010-08-17: revised
- 2010-04-19: received
- See all versions
- Short URL
- https://ia.cr/2010/207
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2010/207,
author = {Koen Simoens and Roel Peeters and Bart Preneel},
title = {Increased Resilience in Threshold Cryptography: Sharing a Secret with Devices That Cannot Store Shares},
howpublished = {Cryptology ePrint Archive, Paper 2010/207},
year = {2010},
note = {\url{https://eprint.iacr.org/2010/207}},
url = {https://eprint.iacr.org/2010/207}
}
