Practical Large-Scale Distributed Key Generation

  • John Canny
  • Stephen Sorkin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3027)

Abstract

Generating a distributed key, where a constant fraction of the players can reconstruct the key, is an essential component of many large-scale distributed computing tasks such as fully peer-to-peer computation and voting schemes. Previous solutions relied on a dedicated broadcast channel and had at least quadratic cost per player to handle a constant fraction of adversaries, which is not practical for extremely large sets of participants. We present a new distributed key generation algorithm, sparse matrix DKG, for discrete-log based cryptosystems that requires only polylogarithmic communication and computation per player and no global broadcast. This algorithm has nearly the same optimal threshold as previous ones, allowing up to a \(\frac{1}{2}-\epsilon\) fraction of adversaries, but is probabilistic and has an arbitrarily small failure probability. In addition, this algorithm admits a rigorous proof of security. We also introduce the notion of matrix evaluated DKG, which encompasses both the new sparse matrix algorithm and the familiar polynomial based ones.

Keywords

  • Threshold Cryptography
  • Distributed Key Generation
  • Discrete Logarithm
  • Random Walk
  • Linear Algebra

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • John Canny (1)
  • Stephen Sorkin (1)
  1. University of California, Berkeley, USA