Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting

Carmit Hazay; Gert Læssøe Mikkelsen; Tal Rabin; Tomas Toft; Angelo Agatino Nicolosi

doi:10.1007/s00145-017-9275-7

Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting

Carmit Hazay^*
, Gert Læssøe Mikkelsen
, Tal Rabin
, Tomas Toft
, Angelo Agatino Nicolosi

^*Corresponding author af dette arbejde

Alexandra Instituttet A/S

Publikation: Bidrag til tidsskrift/Konferencebidrag i tidsskrift /Bidrag til avis › Tidsskriftartikel › Forskning › peer review

59 Citationer (Scopus)

Abstract

The problem of generating an RSA composite in a distributed manner without leaking its factorization is particularly challenging and useful in many cryptographic protocols. Our first contribution is the first non-generic fully simulatable protocol for distributively generating an RSA composite with security against malicious behavior. Our second contribution is a complete Paillier (in: EUROCRYPT, pp 223–238, 1999) threshold encryption scheme in the two-party setting with security against malicious attacks. We further describe how to extend our protocols to the multiparty setting with dishonest majority. Our RSA key generation protocol is comprised of the following subprotocols: (i) a distributed protocol for generation of an RSA composite and (ii) a biprimality test for verifying the validity of the generated composite. Our Paillier threshold encryption scheme uses the RSA composite for the public key and is comprised of the following subprotocols: (i) a distributed generation of the corresponding secret key shares and (ii) a distributed decryption protocol for decrypting according to Paillier.

Originalsprog	Engelsk
Tidsskrift	Journal of Cryptology
Vol/bind	32
Nummer	2
Sider (fra-til)	265-323
Antal sider	59
ISSN	0933-2790
DOI	https://doi.org/10.1007/s00145-017-9275-7
Status	Udgivet - 2019

Adgang til dokumentet

10.1007/s00145-017-9275-7

https://eprint.iacr.org/2011/494.pdf

Biblioteksadgang?

Tjek tilgængelighed hos det Kgl. Bibliotek

Andre filer og links

https://www.scopus.com/pages/publications/85044934853

Citationsformater

@article{110f7bf3f70848a79e346b0f96c21c3a,

title = "Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting",

abstract = "The problem of generating an RSA composite in a distributed manner without leaking its factorization is particularly challenging and useful in many cryptographic protocols. Our first contribution is the first non-generic fully simulatable protocol for distributively generating an RSA composite with security against malicious behavior. Our second contribution is a complete Paillier (in: EUROCRYPT, pp 223–238, 1999) threshold encryption scheme in the two-party setting with security against malicious attacks. We further describe how to extend our protocols to the multiparty setting with dishonest majority. Our RSA key generation protocol is comprised of the following subprotocols: (i) a distributed protocol for generation of an RSA composite and (ii) a biprimality test for verifying the validity of the generated composite. Our Paillier threshold encryption scheme uses the RSA composite for the public key and is comprised of the following subprotocols: (i) a distributed generation of the corresponding secret key shares and (ii) a distributed decryption protocol for decrypting according to Paillier.",

keywords = "Paillier, RSA generation, Secure two-party computation, Threshold encryption scheme",

author = "Carmit Hazay and Mikkelsen, \{Gert L{\ae}ss{\o}e\} and Tal Rabin and Tomas Toft and Nicolosi, \{Angelo Agatino\}",

year = "2019",

doi = "10.1007/s00145-017-9275-7",

language = "English",

volume = "32",

pages = "265--323",

journal = "Journal of Cryptology",

issn = "0933-2790",

publisher = "Springer",

number = "2",

}

TY - JOUR

T1 - Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting

AU - Hazay, Carmit

AU - Mikkelsen, Gert Læssøe

AU - Rabin, Tal

AU - Toft, Tomas

AU - Nicolosi, Angelo Agatino

PY - 2019

Y1 - 2019

N2 - The problem of generating an RSA composite in a distributed manner without leaking its factorization is particularly challenging and useful in many cryptographic protocols. Our first contribution is the first non-generic fully simulatable protocol for distributively generating an RSA composite with security against malicious behavior. Our second contribution is a complete Paillier (in: EUROCRYPT, pp 223–238, 1999) threshold encryption scheme in the two-party setting with security against malicious attacks. We further describe how to extend our protocols to the multiparty setting with dishonest majority. Our RSA key generation protocol is comprised of the following subprotocols: (i) a distributed protocol for generation of an RSA composite and (ii) a biprimality test for verifying the validity of the generated composite. Our Paillier threshold encryption scheme uses the RSA composite for the public key and is comprised of the following subprotocols: (i) a distributed generation of the corresponding secret key shares and (ii) a distributed decryption protocol for decrypting according to Paillier.

AB - The problem of generating an RSA composite in a distributed manner without leaking its factorization is particularly challenging and useful in many cryptographic protocols. Our first contribution is the first non-generic fully simulatable protocol for distributively generating an RSA composite with security against malicious behavior. Our second contribution is a complete Paillier (in: EUROCRYPT, pp 223–238, 1999) threshold encryption scheme in the two-party setting with security against malicious attacks. We further describe how to extend our protocols to the multiparty setting with dishonest majority. Our RSA key generation protocol is comprised of the following subprotocols: (i) a distributed protocol for generation of an RSA composite and (ii) a biprimality test for verifying the validity of the generated composite. Our Paillier threshold encryption scheme uses the RSA composite for the public key and is comprised of the following subprotocols: (i) a distributed generation of the corresponding secret key shares and (ii) a distributed decryption protocol for decrypting according to Paillier.

KW - Paillier

KW - RSA generation

KW - Secure two-party computation

KW - Threshold encryption scheme

UR - https://www.scopus.com/pages/publications/85044934853

U2 - 10.1007/s00145-017-9275-7

DO - 10.1007/s00145-017-9275-7

M3 - Journal article

AN - SCOPUS:85044934853

SN - 0933-2790

VL - 32

SP - 265

EP - 323

JO - Journal of Cryptology

JF - Journal of Cryptology

IS - 2

ER -

Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting

Abstract

Adgang til dokumentet

Biblioteksadgang?

Andre filer og links

Fingeraftryk

Citationsformater