Authenticated Broadcast with a Partially Compromised Public-Key Infrastructure

  • S. Dov Gordon
  • Jonathan Katz
  • Ranjit Kumaresan
  • Arkady Yerukhimovich
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6366)


Given a public-key infrastructure (PKI) and digital signatures, it is possible to construct broadcast protocols tolerating any number of corrupted parties. Almost all existing protocols, however, do not distinguish between corrupted parties (who do not follow the protocol), and honest parties whose secret (signing) keys have been compromised (but who continue to behave honestly). We explore conditions under which it is possible to construct broadcast protocols that still provide the usual guarantees (i.e., validity/agreement) to the latter.

Consider a network of n parties, where an adversary has compromised the secret keys of up to t_c honest parties and, in addition, fully controls the behavior of up to t_a other parties. We show that for any fixed t_c > 0, and any fixed t_a, there exists an efficient protocol for broadcast if and only if 2t_a + min(t_a, t_c) < n. (When t_c = 0, standard results imply feasibility.) We also show that if t_c, t_a are not fixed, but are only guaranteed to satisfy the bound above, then broadcast is impossible to achieve except for a few specific values of n; for these "exceptional" values of n, we demonstrate a broadcast protocol. Taken together, our results give a complete characterization of this problem.







Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • S. Dov Gordon, Jonathan Katz, Ranjit Kumaresan, Arkady Yerukhimovich: Dept. of Computer Science, University of Maryland, USA
