Abstract
Distributed certification via threshold cryptography is much more secure than other ways to protect certification authority (CA)'s private key, and can tolerate some intrusions. As the original system such as ITTC, etc., is unsafe, inefficient and impracitcal in actual network environment, this paper brings up a new distributed certification scheme, which although it generates key shares concentratively, it updates key shares distributedly, and so, avoids single-point failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol, but can also change the threshold (t, k) flexibly and robustly, and so, is much more practical. In this work, the authors implement the prototype system of the new scheme and test and analyze its performance.
Similar content being viewed by others
References
Boneh, D. and Franklin, M., 1997, Efficient Generation of Shared RSA Keys.In: Proceedings Crypto'97, Springer Press, California, p. 425–439.
Feldman, P., 1987. A Practical Scheme for Noninteractive Verifiable Secret Sharing.In: Proceedings of the 28th Symposium on Foundations of Computer Science, IEEE Computer Society Press, New York, p. 427–437.
Frankel, Y., MacKenzie, P. D. and Yung, M., 1998. Robust Efficient Distributed RSA-Key Generation.In: Proceeding of the thirtieth Annual ACM Symposium on Theory of Computing (STOC), ACM Press, New York, p. 663–672.
Malkin, M., Wu, T. and Boneh, D., 1999. Experimenting with Shared RSA Key Generation.In: Proceedings of the Internet Society's 1999 Symposium on Network and Distributed System Security (SNDSS), Springer Press, California, p. 43–56.
Malkin, M., Wu, T. and Boneh, D., 2000. Building Intrusion Tolerant Applications.In: Proceeding, of DARPA Information Survability Conference and Exposition, IEEE Computer Society Press, New York, 1: 74–87.
Open Security Socket Layer (OpenSSL), 2001. Available at http://www.open-ssl.org/
Public Key Cryptography Standard (PKCS), 2001. Available at http://www.rsa-security. com/rsalabs/pkcs/
Shamir, A., 1979. How to share a secret.Communications of ACM,22 (11): 612–613.
Request For Comment 2459 (RFC 2459), 2002. Available at http://www.ietf.org/rfc/
Author information
Authors and Affiliations
Additional information
Project supported by the Nature Science Foundation of China (No. 79974031) and Zhejiang Nature Science Foundation (No. 600014)
Rights and permissions
About this article
Cite this article
Duan-yang, L., Xue-zeng, P. & Ling-di, P. Distributed certification application via a trusted dealer. J. Zhejiang Univ. Sci. A 4, 555–559 (2003). https://doi.org/10.1631/jzus.2003.0555
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1631/jzus.2003.0555