R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Adaptive security for threshold cryptosystems. In CRYPTO 1999, volume 1666 of LNCS, pages 98--115. Springer-Verlag, 1999.  Home/Search   Document Details and Download   Summary   Related Articles   Check

.... known for a long time, starting with Feldman and Pedersen papers [9, 20, 21] However, a flaw in the requirements has been discovered and a first solution as well as a security model for DKG protocols have been defined by Gennaro et al. in [13] The solution has been improved by Canetti et al. in [7] to withstand adaptive attacks. In [16] Lysyanskaya and Jarecki have proposed two new models of security for this kind of attacks. The first one dealt also with concurrent adversaries whereas the second presents erasurefree adaptive security with persistently inconsistent players. The schemes are ....

....encryption scheme which makes the protocol less efficient. Whereas previous solutions to DKG prove security in the information theoretic model, we use here a computational model as the goal of such protocol is to construct a public key. Therefore, we eliminate the committing values of [16, 7] which are needed to prove the security against adaptive adversaries. To cope with such adversaries, we design a one round protocol. Following the new approach proposed by Poupard and Stern, the contribution of this paper is to introduce public channels in order to reduce the communication rounds ....

[Article contains additional citation context not shown here]

C. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Adaptive Security for Threshold Cryptosystems. In Crypto '99, LNCS 1666, pages 98--115. Springer-Verlag, 1999.

....applied without incurring a considerable computation penalty. In contrast, threshold protocols are tailor made for a speci c task at hand and are therefore much more practical. Securing threshold cryptographic systems against adaptive attacks has been the subject of extensive recent research [7, 17, 21]. Erasure free solutions have also been considered [21] However, none of these papers considered the question of constructing adaptively secure threshold versions of signature schemes provably secure against adaptive chosen message attacks [18, 12] On the other hand, statically secure threshold ....

....of this avor [19] Guided by our example, one can convert a protocol for the honest but curious case into one that is secure against an active and adaptive adversary in the erasure free model, at only a small cost in eciency. 2 The adaptive adversary model In this paper, we use a standard model [7] to describe the execution of protocols and the capabilities of the adversary. We assume the existence of l parties communicating over a synchronous broadcast channel with rushing, where up to a threshold t l=2 of them may be corrupted. The value k will represent the security parameter. A ....

[Article contains additional citation context not shown here]

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In Advances in Cryptology| CRYPTO 99. Springer-Verlag, 1999.

....be minimally trusted not to reveal the secret key, and therefore represents a single point of failure for the entire system. Thus, it is often desirable to distribute the key generation phase of the protocol among the participants. This was first accomplished for discrete logbased cryptosystems in [29, 6] (building on [40] and for RSA based cryptosystems in [3] for passive adversaries) and [24] for the case of active adversaries) There is still a need to design threshold systems for many important specific cryptosystems and applications (note that most previous research on threshold ....

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Adaptive Security for Threshold Cryptosystems. Crypto '99.

....corrupt. Constructing protocols that are provably secure against an adaptive adversary is a dicult task, because the adversary s corruption strategy is unknown and may depend upon public values as well as the internal states of the other corrupted parties. Frankel et al. 17] and Canetti et al. [7] have developed techniques for designing adaptively secure threshold cryptosystems, which were improved upon by Jarecki and Lysyanskaya [22] 9 This thesis will rst de ne the important notions and tools needed to develop secure protocols. It will then describe a simple and adaptively secure ....

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In Michael Wiener, editor, Advances in Cryptology { CRYPTO ' 99, Lecture Notes in Computer Science, pages 98-115. International Association for Cryptologic Research, SpringerVerlag, Berlin Germany, August 1999.

No context found.

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk and T. Rabin, Adaptive Security for Threshold Cryptosystems, Advances in Cryptology { proceedings of CRYPTO '99, Lecture Notes in Computer Science volume 1666, Springer-Verlag, pp. 98-115, 1999.

No context found.

Ran Canetti, Rosario Gennaro, Stanis#law Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In Proc. CRYPTO 99, pages 98--115. Springer-Verlag, 1999. LNCS No. 1666.

....good players at the same round) The communication assumptions allow us to focus on a high level description of the protocols, and they can be eliminated using standard techniques for privacy, authentication, commitment and agreement. It is possible to use recent techniques by Canetti et al. [6] to make our protocols secure against adaptive adversaries who corrupt players at any stage during the protocol. 2.1 Definitions NOTATIONS. In the following we denote the shared secret modulus by , and by N we denote an approximate bound on , which must be known in the protocol (in the typical ....

....in Appendix A) is a 3 round, public coin, honestverifier statistical ZK proof. When this ZK proof is executed in the distributed protocol above, each player will run it once as the prover. The verifier s challenge will be jointly generated by the other n 1 servers. It is shown by Canetti et.al. [6] that it is sufficient that the protocol is only honest verifier ZK since each prover runs the protocol against a virtual verifier which is implemented by the other n 1 players. This virtual verifier will be forced to act honestly because a majority of the other players is honest. Remark 5 (N ....

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk and T. Rabin. Adaptive Security for Threshold Cryptosystems. In Advances in Cryptology - Crypto '99, LNCS vol. 1666, Springer, 1999, pages 98-115.

No context found.

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, T. Rabin. Adaptive Security for Threshold Cryptosystems. To appear in CRYPTO'99.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. http://theory.lcs.mit.edu/~cis/cis-publications.html, 1999.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In Advances in Cryptology---CRYPTO 99. Springer-Verlag, 1999.

No context found.

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Adaptive security for threshold cryptosystems. In CRYPTO 1999, volume 1666 of LNCS, pages 98--115. Springer-Verlag, 1999.

No context found.

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Adaptive security for threshold cryptosystems. In CRYPTO

No context found.

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Adaptive security for threshold cryptosystems. In M. J. Wiener, editor, Advances in Cryptology -- CRYPTO'99, USA, Aug. 15--19, 1999. Springer-Verlag, Berlin, Germany.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In proceedings of CRYPTO '99, LNCS series, volume 1666, pages 98-115, 1999.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In proceedings of CRYPTO '99, LNCS series, volume 1666, pages 98-115, 1999.

No context found.

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Adaptive security for threshold cryptosystems. In M. Wiener, editor, Advances in Cryptology | CRYPTO '99, volume 1666 of Lecture Notes in Computer Science, pages 98-115. Springer-Verlag, 1999.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In Michael Wiener, editor, Advances in Cryptology - Crypto '99, pages 98--115, Berlin, 1999. SpringerVerlag. Lecture Notes in Computer Science Volume 1666.

No context found.

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, T. Rabin, Adaptive security for threshold cryptosystems, Crypto '99, LNCS 1666, pp. 98-115, 1999.

No context found.

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Adaptive security for threshold cryptosystems. In Advances in Cryptology - Proceedings of the 19th Annual International Cryptology Conference (CRYPTO), volume 1666 of Lecture Notes in Computer Science, pages 98--115. Springer, 1999.

No context found.

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk and T. Rabin, Adaptive Security for Threshold Cryptosystems. In CRYPTO '99, Springer LNCS 1666, pp. 98--115, 1999.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In Proceedings of Advances in Cryptology - CRYPTO '99, volume 1666 of LNCS, pages 98--115. Springer-Verlag, 1999.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. http://theory.lcs.mit.edu/~cis/cis-publications.html, 1999.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In Advances in Cryptology|CRYPTO 99. Springer-Verlag, 1999.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. http://theory.lcs.mit.edu/~cis/cis-publications.html, 1999.

No context found.

Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive security for threshold cryptosystems. In Advances in Cryptology|CRYPTO 99. SpringerVerlag, 1999.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC