Abstract
We present an RSA threshold signature scheme. The scheme enjoys the following properties:
-
1.
it is unforgeable and robust in the random oracle model, assuming the RSA problem is hard;
-
2.
signature share generation and verification is completely non-interactive;
-
3.
the size of an individual signature share is bounded by a constant times the size of the RSA modulus.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
BBM00. M. Bellare, A. Boldyreva, and S. Micali. Public-key encryption in a multi-user setting: security proofs and improvements. In Advances in Cryptology-Eurocrypt 2000, pages 259–274, 2000.
BR93. M. Bellare and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. In First ACM Conference on Computer and Communications Security, pages 62–73, 1993.
CKS00. C. Cachin, K. Kursawe, and V. Shoup. Random oracles in Constantinople: practical asynchronous Byzantine agreement using cryptography. Manuscript, 2000.
CP92. D. Chaum and T. Pedersen. Wallet databases with observers. In Advances in Cryptology-Crypto’ 92, pages 89–105, 1992.
DDFY94. A. De Santis, Y. Desmedt, Y. Frankel, and M. Yung. How to share a function securely. In 26th Annual ACM Symposium on Theory of Computing, pages 522–533, 1994.
Des87. Y. Desmedt. Society and group oriented cryptography: a new concept. In Advances in Cryptology-Crypto’ 87, pages 120–127, 1987.
DF89. Y. Desmedt and Y. Frankel. Threshold cryptosystems. In Advances in Cryptology-Crypto’ 89, pages 307–315, 1989.
DF91. Y. Desmedt and Y. Frankel. Shared generation of authenticators and signatures. In Advances in Cryptology-Crypto’ 91, pages 457–569, 1991.
ElG85. T. ElGamal. A public key cryptosystem and signature scheme based on discrete logarithms. IEEE Trans. Inform. Theory, 31:469–472, 1985.
FD92. Y. Frankel and Y. Desmedt. Parallel reliable threshold multisignature. Technical Report TR-92-04-02, Univ. of Wisconsin-Milwaukee, 1992.
Fel87. P. Feldman. A practical scheme for non-interactive verifiable secret sharing. In 28th Annual Symposium on Foundations of Computer Science, pages 427–437, 1987.
FGMY97a. Y. Frankel, P. Gemmall, P. MacKenzie, and M. Yung. Optimal-resilience proactive public-key cryptosystems. In 38th Annual Symposium on Foundations of Computer Science, 1997.
FGMY97b. Y. Frankel, P. Gemmall, P. MacKenzie, and M. Yung. Proactive RSA. In Advances in Cryptology-Crypto’ 97, 1997.
FS87. A. Fiat and A. Shamir. How to prove yourself: practical solutions to identification and signature problems. In Advances in Cryptology-Crypto’ 86, Springer LNCS 263, pages 186–194, 1987.
GJKR96a. R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Robust and efficient sharing of RSA functions. In Advances in Cryptology-Crypto’ 96, pages 157–172, 1996.
GJKR96b. R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Robust threshold DSS. In Advances in Cryptology-Eurocrypt’ 96, pages 354–371, 1996.
Har94. L. Harn. Group-oriented (t, n) threshold digitial signature scheme and digital multisignature. IEE Proc.-Comput. Digit. Tech., 141(5):307–313, 1994.
MS95. S. Micali and R. Sidney. A simple method for generating and sharing pseudo-random functions, with applications to Clipper-like key escrow systems. In Advances in Cryptology-Crypto’ 95, pages 185–196, 1995.
NR97. M. Naor and O. Reingold. Number-theoretic constructions of efficient pseudo-random functions. In 38th Annual Symposium on Foundations of Computer Science, 1997.
Rab98. T. Rabin. A simplified approach to threshold and proactive RSA. In Advances in Cryptology-Crypto’ 98, 1998.
RSA78. R. L. Rivest, A. Shamir, and L. M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, pages 120–126, 1978.
Sha79. A. Shamir. How to share a secret. Communications of the ACM, 22:612–613, 1979.
Sho97. V. Shoup. Lower bounds for discrete logarithms and related problems. In Advances in Cryptology-Eurocrypt’ 97, 1997.
Sho99. V. Shoup. On formal models for secure key exchange. IBM Research Report RZ 3120, April 1999.
Sta96. M. Stadler. Publicly verifiable secret sharing. In Advances in Cryptology-Eurocrypt’ 96, pages 190–199, 1996.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shoup, V. (2000). Practical Threshold Signatures. In: Preneel, B. (eds) Advances in Cryptology — EUROCRYPT 2000. EUROCRYPT 2000. Lecture Notes in Computer Science, vol 1807. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45539-6_15
Download citation
DOI: https://doi.org/10.1007/3-540-45539-6_15
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67517-4
Online ISBN: 978-3-540-45539-4
eBook Packages: Springer Book Archive