Title :
Necessity and realization of universally verifiable secret sharing
Author_Institution :
Hewlett-Packard Labs., Bristol, UK
Abstract :
Argues the necessity of universally verifiable secret sharing for secrets as individual users´ cryptographic keys, and proposes protocols to realize such secret sharing for two most common public-key cryptosystems: discrete logarithm-based and integer factorization-based. The universal verifiability achieves the sharing of secrets with multiple third parties as shareholders using two-party protocols in which a single verifier, who can be anybody, can verify the correctness of the secret sharing for the (off-line) multiple shareholders. Several advantages result: (i) dropping of the honesty requirement on the verifier and the shareholders, (ii) dropping of the online availability requirement on the multiple shareholders, and (iii) the simplicity of two-party protocols which provide users with the freedom and flexibility to choose multiple shareholders they trust in real time of share distribution. The two-party protocols proposed offer a practical solution for secure data backup and key recovery services
Keywords :
formal verification; protocols; public key cryptography; correctness verification; cryptographic keys; discrete logarithm-based cryptography; honesty requirement; integer factorization-based cryptography; key recovery services; multiple shareholders; multiple third parties; online availability requirement; public-key cryptosystems; real-time share distribution; secure data backup; two-party protocols; universally verifiable secret sharing; Broadcasting; Cryptographic protocols; Government; Laboratories; Licenses; Privacy; Proposals; Public key cryptography; Variable structure systems;
Conference_Titel :
Security and Privacy, 1998. Proceedings. 1998 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-8386-4
DOI :
10.1109/SECPRI.1998.674836
