caa a22 4500 475827171 CHVBK 20180406123831.0 cr unu---uuuuu 170329e20000301xx s 000 0 eng 10.1007/s001459910011 doi (NATIONALLICENCE)springer-10.1007/s001459910011 Robust and Efficient Sharing of RSA Functions [Elektronische Daten] [Rosario Gennaro, Tal Rabin, Stanislav Jarecki, Hugo Krawczyk] Abstract. : We present two efficient protocols which implement robust threshold RSA signature schemes, where the power to sign is shared by N players such that any subset of T+1 or more signers can collaborate to produce a valid RSA signature on any given message, but no subset of T or less corrupted players can forge a signature. Our protocols are robust in the sense that the correct signature is computed even if up to T players behave in an arbitrarily malicious way during the signature protocol. This, in particular, includes the cases of players who refuse to participate or who introduce erroneous values into the computation. Our robust protocols achieve optimal resiliency as they can tolerate up to (N-1)/2 faults, and their efficiency is comparable with the efficiency of the underlying threshold RSA signature scheme. Our protocols require RSA moduli which are the product of two safe primes, and that the underlying (centralized) RSA signature scheme is unforgeable. Our techniques also apply to the secure sharing of the RSA decryption function. We show that adding robustness to the existing threshold RSA schemes reduces to solving the problem of how to verify an RSA signature without a public verification International Association for Cryptologic Research, 2000 Key words. RSA signatures, Threshold RSA, Threshold cryptography nationallicence Gennaro Rosario IBM T.J. Watson Research Center, Yorktown Heights, PO Box 704, 10598, NY, U.S.A aut Rabin Tal IBM T.J. Watson Research Center, Yorktown Heights, PO Box 704, 10598, NY, U.S.A aut Jarecki Stanislav Laboratory of Computer Science, Massachusetts Institute of Technology, 545 Technology Square, 02139, Cambridge, MA, U.S.A aut Krawczyk Hugo Department of Electrical Engineering, Technion, 32000, Haifa, Israel aut Journal of Cryptology Springer Berlin Heidelberg 13/2(2000-03-01), 273-300 0933-2790 13:2<273 2000 13 145 https://doi.org/10.1007/s001459910011 text/html Onlinezugriff via DOI 1 research-article jats NATIONALLICENCE 856 40 https://doi.org/10.1007/s001459910011 text/html Onlinezugriff via DOI NATIONALLICENCE 700 1- Gennaro Rosario IBM T.J. Watson Research Center, Yorktown Heights, PO Box 704, 10598, NY, U.S.A aut NATIONALLICENCE 700 1- Rabin Tal IBM T.J. Watson Research Center, Yorktown Heights, PO Box 704, 10598, NY, U.S.A aut NATIONALLICENCE 700 1- Jarecki Stanislav Laboratory of Computer Science, Massachusetts Institute of Technology, 545 Technology Square, 02139, Cambridge, MA, U.S.A aut NATIONALLICENCE 700 1- Krawczyk Hugo Department of Electrical Engineering, Technion, 32000, Haifa, Israel aut NATIONALLICENCE 773 0- Journal of Cryptology Springer Berlin Heidelberg 13/2(2000-03-01), 273-300 0933-2790 13:2<273 2000 13 145 Metadata rights reserved Springer special CC-BY-NC licence nationallicence SWISSBIB 463436679 BK010053 XK010053 XK010000 NATIONALLICENCE NATIONALLICENCE NL-springer