One Round Threshold Discrete-Log Key Generation without Private Channels

  • Pierre-Alain Fouque
  • Jacques Stern
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1992)

Abstract

Pedersen designed the first scheme for generating Discrete- Log keys without any trusted dealer in 1991. As this protocol is simple and efficient, it appeared to be very attractive. For a long time, this robust algorithm has been trusted as being secure. However, in 1999, Gennaro et al. proved that one of the requirements is not guaranteed : more precisely, the property that the key is uniformly distributed in the key space. Their main objective was to repair the security flaw without sacrificing on efficiency. As a result, the protocol became secure but somehow unpractical. In particular, the “complaint phase”, in which cheaters are thrown out, makes the scheme overly complex and difficult to deal with in practical situations. In order to avoid this phase and other drawbacks such as the initialization phase where private channels have to be created, we present a one round scheme which generates a discrete-log key with public channels only. Finally, we show how to improve the efficiency of our algorithm when the number of servers increases.

Key words

Threshold DLK Generation Publicly Verifiable Encryption Adaptive and Concurrent Adversary 

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Pierre-Alain Fouque
    • 1
  • Jacques Stern
    • 1
  1. 1.Département d'InformatiqueÉcole Normale SupérieureParis Cedex 05France

Personalised recommendations