Threshold cryptosystems

  • Yvo Desmedt
  • Yair Frankel
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 435)


In a society oriented cryptography it is better to have a public key for the company (organization) than having one for each individual employee [Des88]. Certainly in emergency situations, power is shared in many organizations. Solutions to this problem were presented [Des88], based on [GMW87], but are completely impractical and interactive. In this paper practical non-interactive public key systems are proposed which allow the reuse of the shared secret key since the key is not revealed either to insiders or to outsiders.


Signature Scheme, Security Policy, Partial Result, Lagrange Interpolation, Threshold Scheme
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [AB80]
    C. Asmuth and J. Bloom. A modular approach to key safeguarding. Technical report, Math Dept., Texas A & M Univ., College Station, Tx., 1980.
  2. [Bla79]
    G. R. Blakley. Safeguarding cryptographic keys. In Proc. Nat. Computer Conf. AFIPS Conf. Proc, pages 313–317, 1979. vol.48.
  3. [BvOV88]
    I. F. Blake, P. C. van Oorschot, and S. Vanstone. Complexity issues for public key cryptography. In J. K. Skwirzynski, editor, Performance Limits in Communication, Theory and Practice, NATO ASI Series E: Applied Sciences, Vol. 142, pages 75–97. Kluwer Academic Publishers, 1988. Proceedings of the NATO Advanced Study Institute, Il Ciocco, Castelvecchio Pascoli, Tuscany, Italy, July 7–19, 1986.
  4. [Cha81]
    D. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM, 24(2):84–88, February 1981.
  5. [Cha88]
    D. Chaum. The dining cryptographers problem: unconditional sender and recipient untraceability. Journal of Cryptology, 1(1):65–75, 1988.
  6. [Den82]
    D. E. R. Denning. Cryptography and Data Security. Addison-Wesley, Reading, Mass., 1982.
  7. [Des88]
    Y. Desmedt. Society and group oriented cryptography: a new concept. In C. Pomerance, editor, Advances in Cryptology, Proc. of Crypto’87 (Lecture Notes in Computer Science 293), pages 120–127. Springer-Verlag, 1988. Santa Barbara, California, U.S.A., August 16–20.
  8. [DH76]
    W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Trans. Inform. Theory, IT-22(6):644–654, November 1976.
  9. [ElG85]
    T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inform. Theory, 31:469–472, 1985.
  10. [Fra89]
    Y. Frankel. A practical protocol for large group oriented networks. Presented at Eurocrypt’89, Houthalen, Belgium, to appear in: Advances in Cryptology. Proc. of Eurocrypt’89 (Lecture Notes in Computer Science), Springer-Verlag, April 1989.
  11. [GMR89]
    S. Goldwasser, S. Micali, and C. Rackoff. The knowledge complexity of interactive proof systems. Siam J. Comput., 18(1):186–208, February 1989.
  12. [GMW87]
    O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game. In Proceedings of the Nineteenth ACM Symp. Theory of Computing, STOC, pages 218–229, May 25–27, 1987.
  13. [GQ88]
    L. C. Guillou and J. J. Quisquater. A “paradoxical” identity-based signature scheme resulting from zero-knowledge. Presented at Crypto’88, Santa Barbara, California, U.S.A., to appear in: Advances in Cryptology. Proc. of Crypto’88 (Lecture Notes in Computer Science), Springer-Verlag, August 1988.
  14. [IBV85]
    R.C. Mullin I.F. Blake, R. Fuji-Hara and S.A. Vanstone. Computing logarithms in a finite field of characteristic two. SIAM J. Alg. Disc. Meth., 5:276–285, 1985.
  15. [Kob87]
    N. Koblitz. A Course in Number Theory and Cryptology. Springer-Verlag, 1987.
  16. [Odl84]
    A. M. Odlyzko. Discrete logs in a finite field and their cryptographic significance. In N. Cot T. Beth and I. Ingemarsson, editors, Advances in Cryptology, Proc. of Eurocrypt’84 (Lecture Notes in Computer Science 209), pages 224–314. Springer-Verlag, 1984. Paris, France April 1984.
  17. [Sha79]
    A. Shamir. How to share a secret. Commun. ACM, 22:612–613, November 1979.
  18. [Sim88]
    G. J. Simmons. How to (really) share a secret. Presented at Crypto’88, Santa Barbara, California, U.S.A., to appear in: Advances in Cryptology. Proc. of Crypto’88 (Lecture Notes in Computer Science), Springer-Verlag, August 1988.

Copyright information

© Springer-Verlag Berlin Heidelberg 1990

Authors and Affiliations

  • Yvo Desmedt (1)
  • Yair Frankel (1)
  1. EE & CS Department, University of Wisconsin-Milwaukee, Milwaukee
