Threshold Cryptography

  • Reference work entry
Encyclopedia of Cryptography and Security

Introduction

In modern cryptography most schemes have been developed for a scenario with one sender and one receiver. However, there are scenarios in which many receivers (or many senders) need to share the power to use a cryptosystem. The main motivation for threshold cryptography was to develop techniques to deal with the multi-sender/multi-receiver scenarios.

To illustrate the aforementioned scenarios we first discuss several particular cases of threshold cryptography to clarify its importance. To motivate threshold decryption, take the setting of key escrow [4, p. 210]. In Micali's approach [33] as well as the NIST Clipper Chip proposal [7], a threshold scheme is used. Key escrow agents have shares of each user's secret key. When a court order is received, law enforcement receives these shares from the key escrow agents. This permits recovering the user's secret key. A major disadvantage of these schemes is that once these shares of a user have been provided, the law...

References

  1. Albert, A.A. (1943). “Quasigroups I.” Transactions of the American Mathematical Society, 54, 507–519.

  2. Bao, F., R. Deng, Y. Han, and A. Jeng (1997). “Design and analysis of two basic protocols for use in TTP-based key escrow.” Information Security and Privacy, Second Australian Conference, ACISP'97, Sydney, NSW, Australia, July 7–9, Lecture Notes in Computer Science, vol. 1270, eds. V. Varadharajan, J. Pieprzyk, and Y. Mu. Springer-Verlag, Berlin, 261–270.

  3. Benaloh, J.C. (1987). “Secret sharing homomorphisms: Keeping shares of a secret secret.” Advances in Cryptology—CRYPTO'86, Santa Barbara, CA, August 11–15, Lecture Notes in Computer Science, vol. 263, ed. A. Odlyzko. Springer-Verlag, Berlin, 251–260.

  4. Beth, T. (1990). “Zur Sicherheit der Informationstechnik.” Informatik-Spektrum, 13, 204–215 (in German).

  5. Boneh, D. and M. Franklin (1997). “Efficient generation of shared RSA keys.” Advances in Cryptology—CRYPTO'97, Santa Barbara, CA, August 17–21, Lecture Notes in Computer Science, vol. 1294, ed. B.S. Kaliski. Springer-Verlag, Berlin, 425–439.

  6. Chen, L., D. Gollmann, and C. Mitchell (1997). “Key escrow in mutually mistrusting domains.” Security Protocols, Cambridge, UK, April 10–12, Lecture Notes in Computer Science, vol. 1189, ed. M. Lomas. Springer-Verlag, Berlin, 139–153.

  7. A proposed federal information processing standard for an escrowed encryption standard (EES). Federal Register, July 30, 1993.

  8. Cramer, R. and S. Fehr (2002). “Optimal black-box secret sharing over arbitrary abelian groups.” Advances in Cryptology—CRYPTO 2002, Santa Barbara, CA, August 18–22, Lecture Notes in Computer Science, vol. 2442, ed. M. Yung. Springer-Verlag, Berlin, 272–287.

  9. Di Crescenzo, G. and Y. Frankel (1999). “Existence of multiplicative secret sharing schemes with polynomial share expansion.” Proceedings of the Tenth Annual ACM-SIAM Symposium on Discrete Algorithms, January, 17–19, Baltimore, MD.

  10. De Santis, A., Y. Desmedt, Y. Frankel, and M. Yung (1994). “How to share a function securely.” Proceedings of the Twenty-Sixth Annual ACM Symposium. Theory of Computing (STOC), May 23–25, Montréal, Québec, Canada, ACM Press, 522–533.

  11. Desmedt, Y., G. Di Crescenzo, and M. Burmester (1995). “Multiplicative non-abelian sharing schemes and their application to threshold cryptography.” Advances in Cryptology—Asiacrypt'94, Wollongong, November–December 1994, Lecture Notes in Computer Science, vol. 917, eds. J. Pieprzyk and R. Safavi-Naini. Springer-Verlag, Berlin, 21–32.

  12. Desmedt, Y. and Y. Frankel (1990). “Threshold cryptosystems.” Advances in Cryptology—CRYPTO'89, Santa Barbara, CA, August 20–24, Lecture Notes in Computer Science, vol. 435, ed. G. Brassard. Springer-Verlag, Berlin, 307–315.

  13. Desmedt, Y. and S. Jajodia (1997). “Redistributing secret shares to new access structures and its applications.” Technical Report ISSE-TR-97-01, George Mason University, July, ftp://isse.gmu.edu/pub/techrep/97_01_jajodia.ps.gz

  14. Desmedt, Y.G. (1994). “Threshold cryptography.” European Trans. on Telecommunications, 5 (4), 449–457 (Invited paper).

  15. Desmedt, Y.G. and Y. Frankel (1994). “Homomorphic zero-knowledge threshold schemes over any finite abelian group.” SIAM Journal on Discrete Mathematics, 7 (4), 667–679.

  16. Desmedt, Y. (1988). “Society and group oriented cryptography: A new concept.” Advances in Cryptology—CRYPTO'87, Santa Barbara, CA, August 16–20, Lecture Notes in Computer Science, vol. 293, ed. C. Pomerance. Springer-Verlag, Berlin, 120–127.

  17. Desmedt, Y. (1993). “Threshold cryptosystems.” Advances in Cryptology—ASIACRYPT'92, Gold Coast, Queensland, December, Lecture Notes in Computer Science, vol. 718, eds. J. Seberry and Y. Zheng. Springer-Verlag, Berlin, 3–14 (Invited paper).

  18. Desmedt, Y. (1997). “Some recent research aspects of threshold cryptography.” Information Security, proceedings, September 17–19, 1997, Tatsunokuchi, Ishikawa, Japan. Lecture Notes in Computer Science, vol. 1396, eds. E. Okamoto, G. Davida, and M. Mambo. Springer-Verlag, Berlin, 158–173. (Invited Lecture).

  19. Frankel, Y. and Y. Desmedt (1992). “Parallel reliable threshold multisignature.” Tech. Report TR-92-04-02, Dept. of EE & CS, University of Wisconsin–Milwaukee, ftp://ftp.cs.uwm.edu/pub/tech_reports/desmedt-rsa-threshold_92.ps

  20. Frankel, Y. and Y. Desmedt (1992). “Classification of ideal homomorphic threshold schemes over finite Abelian groups.” Advances in Cryptology—EUROCRYPT'92, Balatonfüred, Hungary, Lecture Notes in Computer Science, vol. 658, ed. R.A. Rueppel. Springer-Verlag, Berlin, 25–34.

  21. Frankel, Y., Y.P. Gemmell, P.D. MacKenzie, and M. Yung (1997). “Optimal resilience proactive public key cryptosystems.” 38th Annual Symp. on Foundations of Computer Science (FOCS), October 20–22, Miami Beach, FL, USA. IEEE Computer Society Press, Los Alamitos, CA.

  22. Frankel, Y., P. Gemmell, P.D. MacKenzie, and M. Yung (1997). “Proactive RSA.” Advances in Cryptology—CRYPTO'97, Santa Barbara, CA, August 17–21, Lecture Notes in Computer Science, vol. 1294, ed. B. S. Kaliski. Springer-Verlag, Berlin, 440–454.

  23. Frankel, Y., P. Gemmell, and M. Yung (1996). “Witness-based cryptographic program checking and robust function sharing.” Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, ACM Press. May 22–24, 499–508.

  24. Frankel, Y., Y. Desmedt, and M. Burmester (1993). “Non-existence of homomorphic general sharing schemes for some key spaces.” Advances in Cryptology—CRYPTO'92, Santa Barbara, CA, August 16–20, Lecture Notes in Computer Science, vol. 740, ed. E. F. Brickell. Springer-Verlag, Berlin, 549–557.

  25. Gennaro, R., S. Jarecki, H. Krawczyk, and T. Rabin (1996). “Robust and efficient sharing of RSA functions.” Advances in Cryptology—CRYPTO'96, Santa Barbara, CA, August 18–22, Lecture Notes in Computer Science, vol. 1109, ed. N. Koblitz. Springer-Verlag, Berlin, 157–172.

  26. Gennaro, R., S. Jarecki, H. Krawczyk, and T. Rabin (1996). “Robust threshold DSS signatures.” Advances in Cryptology—EUROCRYPT'96, Zaragoza, Spain, May 12–16, Lecture Notes in Computer Science, vol. 1070, ed. U. Maurer. Springer-Verlag, Berlin, 354–371.

  27. Herzberg, A., S. Jarecki, H. Krawczyk, and M. Yung, (1995). “Proactive secret sharing.” Advances in Cryptology—CRYPTO'95, Santa Barbara, CA, August 27–31, Lecture Notes in Computer Science, vol. 963, ed. D. Coppersmith. Springer-Verlag, Berlin, 339–352.

  28. Jacobson, N. (1985). Basic Algebra I. W. H. Freeman and Company, New York.

  29. Jacobson, N. (1989). Basic Algebra II. W. H. Freeman and Company, New York.

  30. King, B. (1976). “Improved methods to perform threshold RSA.” Advances in Cryptology—ASIACRYPT 2000, December 2000, Kyoto, Japan, Lecture Notes in Computer Science, vol. 1976, ed. T. Okamoto. Springer-Verlag, Berlin, 359–372.

  31. King, B. (2000). “Algorithms to speed up computations in threshold RSA.” Information Security and Privacy, 5th Australian Conference, ACISP2000, Brisbane, Australia, July 10–12, Lecture Notes in Computer Science, vol. 1841, eds. E. Dawson, A. Clark, and C. Boyd. Springer-Verlag, Berlin, 443–456.

  32. Langford, S.K. (1995). “Threshold DSS signatures without a trusted party.” Advances in Cryptology—CRYPTO'95, Santa Barbara, CA, August 27–31, Lecture Notes in Computer Science, vol. 963, ed. D. Coppersmith. Springer-Verlag, Berlin, 397–409.

  33. Micali, S. (1993). “Fair public-key cryptosystems.” Advances in Cryptology—CRYPTO'92, Santa Barbara, CA, August 16–20, Lecture Notes in Computer Science, vol. 740, ed. E.F. Brickell. Springer-Verlag, Berlin, 113–138.

  34. Ostrovsky, R. and M. Yung (1991). “How to withstand mobile virus attacks.” Proceedings of the 10-th Annual ACM Symp. on Principles of Distributed Computing, August 19–21, Montreal, Quebec, Canada, ACM Press 51–60.

  35. Pedersen, T.P. (1991). “A threshold cryptosystem without a trusted party.” Advances in Cryptology—EUROCRYPT'91, April 1991, Brighton, UK, Lecture Notes in Computer Science, vol. 547, ed. D.W. Davies. Springer-Verlag, Berlin, 522–526.

  36. Poupard, G. and J. Stern (1998). “Generation of shared RSA keys by two parties.” Advances in Cryptology—ASIACRYPT'98, Beijing, China, October, Lecture Notes in Computer Science, vol. 1514, eds. K. Ohta and D. Pei. Springer-Verlag, Berlin, 11–24.

  37. Rabin, T. (1998). “A simplified approach to threshold and proactive RSA.” Advances in Cryptology—CRYPTO'98, Lecture Notes in Computer Science, vol. 1462, ed. H. Krawczyk. Springer, Berlin, 89–104.

  38. Reiter, M.K. and K.P. Birman (1994). “How to securely replicate services.” ACM Transactions on Programming Languages and Systems, 16 (3), 986–1009.

  39. Shannon, C.E. (1949). “Communication theory of secrecy systems.” Bell System Techn. Jour., 28, 656–715.

  40. Shoup, V. (2000). “Practical threshold signatures.” Advances in Cryptology—EUROCRYPT 2000, Bruges, Belgium, May 14–18, Lecture Notes in Computer Science, vol. 1807, ed. B. Preneel. Springer-Verlag, Berlin, 207–220.

© 2005 International Federation for Information Processing

Desmedt, Y. (2005). Threshold Cryptography. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/0-387-23483-7_428
