Abstract
Paillier cryptosystem is the building block of many cryptographic protocols. The secure keys generation without a trusted dealer is an essential scheme in a distributed system since the dealer may be under the threat of a single point of attack.
We present a distributed keys generation scheme of the threshold Paillier’s encryption system using efficient multiparty computation. Our scheme consists of two offline and online phases where the offline phase can be implemented at any time well in advance of the computation phase. Both the public and the private keys are computed and verified in the presence of at least \(n\ge t+1\) participants in the actual online phase. This gives an improvement on the previous studies where at least a number of \(2t+1\) parties are required for the keys generation. Furthermore, the private communication complexity of our scheme is \(O(n^2)\) field elements with no broadcast communication overhead which improves on the total communication complexity of [21]. Our protocol maintains the security against a static active adversary corrupting up to t participants with the small probability of error using message authentication codes. Also, the computed keys are t-private, i.e., any subset of equal or less than t parties cannot gain any information about the factorization of N.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Baum, C., Damgård, I., Toft, T., Zakarias, R.: Better preprocessing for secure multiparty computation. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 327–345. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39555-5_18
Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420–432. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_34
Beerliová-Trubíniová, Z., Hirt, M.: Perfectly-secure MPC with linear communication complexity. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 213–230. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78524-8_13
Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, pp. 1–10 (1988)
Bendlin, R., Damgård, I., Orlandi, C., Zakarias, S.: Semi-homomorphic encryption and multiparty computation. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 169–188. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_11
Boneh, D., Franklin, M.: Efficient generation of shared RSA keys. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 425–439. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052253
Cramer, R., Damgård, I., Nielsen, J.B.: Multiparty computation from threshold homomorphic encryption. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 280–300. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_18
Damgård, I., Jurik, M.: A generalisation, a simplification and some applications of Paillier’s probabilistic public-key system. In: Kim, K. (ed.) PKC 2001. LNCS, vol. 1992, pp. 119–136. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44586-2_9
Damgård, I., Keller, M., Larraia, E., Pastro, V., Scholl, P., Smart, N.P.: Practical covertly secure MPC for dishonest majority – or: breaking the SPDZ limits. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 1–18. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40203-6_1
Damgård, I., Koprowski, M.: Practical threshold RSA signatures without a trusted dealer. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 152–165. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_10
Damgård, I., Mikkelsen, G.L.: Efficient, robust and constant-round distributed RSA key generation. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 183–200. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-11799-2_12
Damgård, I., Orlandi, C.: Multiparty computation for dishonest majority: from passive to active security at low cost. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 558–576. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_30
Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_38
Fouque, P.-A., Poupard, G., Stern, J.: Sharing decryption in the context of voting or lotteries. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 90–104. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45472-1_7
Frankel, Y., Gemmell, P., MacKenzie, P.D., Yung, M.: Optimal-resilience proactive public-key cryptosystems. In: Proceedings 38th Annual Symposium on Foundations of Computer Science, pp. 384–393. IEEE (1997)
Frankel, Y., MacKenzie, P.D., Yung, M.: Robust efficient distributed RSA-key generation. In: Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing, pp. 663–672 (1998)
Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Robust and efficient sharing of RSA functions. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 157–172. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_13
Hazay, C., Mikkelsen, G.L., Rabin, T., Toft, T., Nicolosi, A.A.: Efficient RSA key generation and threshold Paillier in the two-party setting. J. Cryptol. 32(2), 265–323 (2019)
Ishai, Y., Kushilevitz, E., Meldgaard, S., Orlandi, C., Paskin-Cherniavsky, A.: On the power of correlated randomness in secure computation. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 600–620. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36594-2_34
Lindell, Y.: How to simulate it-a tutorial on the simulation proof technique. In: Tutorials on the Foundations of Cryptography, pp. 277–346 (2017)
Nishide, T., Sakurai, K.: Distributed Paillier cryptosystem without trusted dealer. In: Chung, Y., Yung, M. (eds.) WISA 2010. LNCS, vol. 6513, pp. 44–60. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-17955-6_4
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16
Rabin, T.: A simplified approach to threshold and proactive RSA. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 89–104. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0055722
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Veugen, T., Attema, T., Spini, G.: An implementation of the Paillier crypto system with threshold decryption without a trusted dealer. Cryptology ePrint Archive (2019)
Acknowledgement
The authors would like to acknowledge the anonymous reviewers for their comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Correctness of the Protocol \(\Pi _{\textrm{Biprimarily}}\)
Correctness of the Protocol \(\Pi _{\textrm{Biprimarily}}\)
For the zero-knowledge proof of each party \(P_i\), the term \(\prod _{j=1}^n d_j \; \textrm{mod}\, N = g^{1/4(p_i+q_i)}\; \textrm{mod}\, N\) due to the homomorphism of discrete logarithm in the base g. Since \(\phi _1(N)=N+1-p_1-q_1\), the party \(P_1\) proves that he has committed to the correct value of \(\nu _1\) by having all the parties compute \(e_1= g^{1/4(N+1)} \; \textrm{mod}\, N\). For every other party except \(P_1\), the commitment value is \(e_i=g^0 \; \textrm{mod}\, N\) because \(\phi _i(N)=-(p_i+q_i)\).
For the biprimarily test, note that \(\phi (N)=N+1-p-q\) and \(\prod _{i=1}^n \nu _i= g^{\phi (N)/4}\). Since the Jacobi \({(\frac{g}{N})=1}\) and due to the Euler’s theorem, the parties check that \(g^{\phi (N)/4}= \pm 1\; \textrm{mod}\,\, N\).
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Hamidi, A., Ghodosi, H. (2023). Efficient Distributed Keys Generation of Threshold Paillier Cryptosystem. In: Bella, G., Doinea, M., Janicke, H. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2022. Lecture Notes in Computer Science, vol 13809. Springer, Cham. https://doi.org/10.1007/978-3-031-32636-3_7
Download citation
DOI: https://doi.org/10.1007/978-3-031-32636-3_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-32635-6
Online ISBN: 978-3-031-32636-3
eBook Packages: Computer ScienceComputer Science (R0)