International Conference on the Theory and Applications of Cryptographic Techniques

EUROCRYPT 2004: Advances in Cryptology - EUROCRYPT 2004 pp 138-152

Practical Large-Scale Distributed Key Generation

  • John Canny
  • Stephen Sorkin
Conference paper

DOI: 10.1007/978-3-540-24676-3_9

Volume 3027 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Canny J., Sorkin S. (2004) Practical Large-Scale Distributed Key Generation. In: Cachin C., Camenisch J.L. (eds) Advances in Cryptology - EUROCRYPT 2004. EUROCRYPT 2004. Lecture Notes in Computer Science, vol 3027. Springer, Berlin, Heidelberg


Generating a distributed key, where a constant fraction of the players can reconstruct the key, is an essential component of many large-scale distributed computing tasks such as fully peer-to-peer computation and voting schemes. Previous solutions relied on a dedicated broadcast channel and had at least quadratic cost per player to handle a constant fraction of adversaries, which is not practical for extremely large sets of participants. We present a new distributed key generation algorithm, sparse matrix DKG, for discrete-log based cryptosystems that requires only polylogarithmic communication and computation per player and no global broadcast. This algorithm has nearly the same optimal threshold as previous ones, allowing up to a \(\frac{1}{2}-\epsilon\) fraction of adversaries, but is probabilistic and has an arbitrarily small failure probability. In addition, this algorithm admits a rigorous proof of security. We also introduce the notion of matrix evaluated DKG, which encompasses both the new sparse matrix algorithm and the familiar polynomial based ones.


Threshold CryptographyDistributed Key GenerationDiscrete LogarithmRandom WalkLinear Algebra
Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • John Canny
    • 1
  • Stephen Sorkin
    • 1
  1. 1.University of CaliforniaBerkeleyUSA