M. Malkin, T. Wu, , and D. Boneh. Experimenting with Shared Generation of RSA keys. In SNDSS 1999.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....number without small factors In this subsection, we present the sieving algorithm used in phase 1 of protocol 4.1 and we show how to generate N such that neither p 2 nor q have no small prime factors. Our method uses a new distributed sieving protocol designed by Boneh, Malkin and Wu in [5] that we patch in order to create p such as neither p, nor p has a small prime factor less than B. Moreover, we show how to withstand malicious adversaries. We denote by P the product of all odd small primes up to B. 1. Each server picks a random integer a i in the range [1; P ] such that a i ....

D. Boneh, M. Malkin, and T. Wu. Experimenting with Shared Generation of RSA keys. In Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), pages 43--56, 1999.

....an offline authority who knows the full certificate signing key SK and the associated polynomial f(x) of degree k 1. This is the standard assumption of related works on secret sharing [14, 10, 5] An alternative solution is to generate the RSA key pair PK,SK distributedly via a method of [21]. 19 Parameter k Revisited Our design so far assumes each node to have at least k legitimate neighbors. This assumption is critical for certification services to be robust against the adversaries defined in Section 3.3. The parameter k also determines the availability of our services. In our ....

M. Malkin, T. Wu, and D. Boneh. Experimenting with Shared Generation of RSA keys. In Internet Society's Symposium on Network and Distributed System Security (SNDSS), pages 43--56, 1999.

....can in fact be used to improve the latter protocol as well. Let us compare the computational cost of the method described above of generating a shared prime product to the one by Boneh and Franklin. We do not consider the improvement on the latter protocol described by Malkin, Wu, and Boneh [24], as most of them apply to our protocol as well. We first summarize the latter approach. Boneh and Franklin propose to first choose random n bit strings and to do a distributed trial division of them. When two strings are found that pass this trial division, they are multiplied to obtain N . ....

M. M. T. Wu and D. Boneh. Experimenting with shared generation of RSA keys. In Proceedings of the Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), pp. 43--56, 1999.

....increases as a larger is adopted. In military environments, the privilege for every node is inherently hierarchical and heterogeneous. For example, a lieutenant usually hold more confidential information than a private. This Though shared key generation schemes are available in literatures [12, 58], the result key pair is revealed to the key generation requester. Besides, it is an open question who has the authority to annul current signing key. implies that an asymmetric function sharing model is more reasonable. In UAV MBN networks, the MBN nodes could hold more shares of the backup DCA ....

M. Malkin, T. Wu, and D. Boneh. Experimenting with Shared Generation of RSA keys. In Internet Society's Symposium on Network and Distributed System Security (SNDSS), pages 43--56, 1999.

....shared public key generation algorithm of [8] and discuss the costs of using shared key techniques and the usefulness of the m of n private key sharing scheme. 3.1. Shared RSA public key generation algorithm Here we review some of the features of the shared RSA public key generation algorithm of [8, 21]. The algorithm enables n domains to generate a modulus N = pq and exponents e and d. At the end of the computation all domains are convinced that N is the product of two primes, however none of them know the factorization of N. The public exponent e is made public while d is shared among the ....

....The operational costs are incurred on infrequent events of access policy specification and modification, such as certificate issuance and revocation, and hence deemed to be inconsequential relative to the frequency of subsequent accesses to be made using the certificate once issued. Malkin et al. [21] show that it may take 1.5 mins to 5 mins on average to generate a shared public key between three servers but it takes these servers only between 1.2 s to 2 s to apply a joint signature) Though the idea of shared public keys has also been discussed by others [9, 24] we use the algorithm of ....

M. Malkin, T. Wu and D. Boneh, "Experimenting with Shared Generation of RSA keys", Proceedings of the Intemet Society's Symposium on Network and Distributed System Security, Feb. 1999, pp. 43--56.

....an offline authority who knows the full certificate signing key SK and the associated polynomial f(x) of degree k 1. This is the standard assumption of related works on secret sharing [18, 12, 26] An alternative solution is to generate the RSA key pair PK,SK distributedly via a method of [30]. Parameter k Revisited Our design so far assumes each node to have at least k legitimate neighbors. This assumption is critical for certification services to be robust against the adversaries defined in Section 3.1. The parameter k also determines the availability of our services (see Section ....

M. Malkin, T. Wu and D. Boneh, "Experimenting with shared generation of RSA keys," Internet Society's 1999 Symposium on Network and Distributed System Security 17

....availability: In the infrastructureless mode, the communication overhead is minimal when a ground node has at least one hop partial CAs. Otherwise, any of the partial CA can serve as a proxy and use its own trust to bring in 2 Though shared key generation schemes are available in literatures [1, 25], the result key pair is revealed to the key generation requester. Besides, it is an open question who has the authority to annul current signing key. more partial CAs, though the communication overhead is increased in this scenario. False accusations: As described before, should be ....

M. Malkin, T. Wu, and D. Boneh. Experimenting with Shared Generation of RSA keys. In Internet Society's Symposium on Network and Distributed System Security (SNDSS), pages 43--56, 1999.

....2 . Fortunately, proactive secret share update [16, 9, 8, 31] and selfinitialization [23, 19] allow the network to periodically update all the secret shares without compromising the shared secret. As long as there are less than 2 Though shared key generation schemes are available in literatures [1, 24], the result key pair is revealed to the key generation requester. Besides, it is an open question who has the authority to annul current signing key. K ground nodes broken between two consecutive secret share updates, the backup signing key SK 0 ff is protected against break ins and can remain ....

M. Malkin, T. Wu, and D. Boneh. Experimenting with Shared Generation of RSA keys. In Internet Society's Symposium on Network and Distributed System Security (SNDSS), pages 43--56, 1999.

....and possibly not even mutually trusted) hosts and locations, thus achieving increased trust in the server. 1.2 Related Systems A number of distributed systems related to the proactive model have been designed and implemented. The Intrusion Tolerance via Threshold Cryptography (ITTC) project [17,19,29] designs and builds tools and an infrastructure that are based on Threshold Cryptography, and use an intrusion tolerant Certification Authority and an intrusion tolerant web server to demonstrate these tools. The technical approach is based upon a distributed RSA key, such that k share servers ....

M. Malkin, T. Wu and D. Boneh, Experimenting with shared generation of RSA keys, in proceedings of the Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), pp. 43-56.

....and the associated polynomial f(x) of degree k 1. While this is the assumption of existing works on secret sharing [11, 12, 21, 24, 27, 30, 36] a possible mechanism to initialize the first k nodes without a dealer would be to let these k nodes generate a RSA key pair PK,SK distributedly [32, 33]. Less than k neighbors We assume a node v i that is requesting certification services have at least k initialized neighboring nodes. However, due to high mobility and network heterogeneity, this may not always hold. This problem can be solved by relaxing our certification policies so that ....

M. Malkin, T. Wu and D. Boneh, "Experimenting with shared generation of RSA keys," Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), pp. 43--56

....sieving algorithm improving the generation of random number without small factors Here we want to show how to generate N such that p 0 = p Gamma1 2 and q 0 = q Gamma1 2 have no small prime factors. Our method uses a new distributed sieving protocol designed by Boneh, Malkin and Wu in [3] that we patch in order to create p such as neither p, nor p 0 has a small prime factor less than B. Moreover, we show how to withstand malicious adversaries. We denote by P the product of all odd small primes up to B. 7 1. Each server picks a random integer a i in the range [1; P ] ....

D. Boneh, M. Malkin, and T. Wu. Experimenting with Shared Generation of RSA keys. In Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), pages 43--56, 1999.

....how many times certain steps of the protocol should be performed, and give some recommendations for these values. Ours is the first implementation of the protocol that we are aware of; since our initial implementation, a full multiparty version has been implemented by Malkin, Wu, and Boneh [15]. Their implementation uses a new technique of distributed sieving , resulting in a significant performance improvement, to running times around 3 minutes. Nonetheless, we feel our (earlier) results are still interesting because they provide insight into the interaction between different parts of ....

M. Malkin, T. Wu, and D. Boneh. Experimenting with shared generation of RSA keys. In Proceedings of the Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), 1999. To appear.

No context found.

M. Malkin, T. Wu, , and D. Boneh. Experimenting with Shared Generation of RSA keys. In SNDSS 1999.

No context found.

Michael Malkin, Thomas Wu, and Dan Boneh. Experimenting with shared generation of RSA keys. In Proceedings of the Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), pages 43--56, 1999.

No context found.

M. Malkin, T. Wu, and D. Boneh. Experimenting with shared generation of RSA keys. In Proceedings of the Internet Society 's 1999.

No context found.

Malkin M, Wu T, Boneh D. Experimenting with shared generation of RSA keys. In Internet society's symposium on network and distributed system security (SNDSS), 1999; pp. 43 -- 56.

No context found.

M. Malkin, T. Wu and D. Boneh, "Experimenting with Shared Generation of RSA keys", Proceedings of the Internet Society's Symposium on Network and Distributed System Security, Feb. 1999, pp. 43---56.

No context found.

M. Malkin, T. Wu, and D. Boneh. Experimenting with shared generation of RSA keys. Proceedings of the Internet Society's 1999.

No context found.

M.Malkin,T.Wu,D.Boneh"Experimenting with shared generation of RSA key", In proceedings of the Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), pp. 43--56

No context found.

M. Malkin, T. Wu, and D. Boneh, Experimenting with Shared Generation of RSA keys, Proc. 1999.

No context found.

Michale Malkin Thomas Wu and Dan Boneh. Experimenting with shared generation of rsa keys. In Proceedings of the Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), pages 43--56, 1999. 17

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC