Abstract
We present HADKEG, a protocol for Highly Available Distributed Key Generation. The setting is the highly sensitive redundant generation, for use and for redundant recovery, of a set of symmetric cryptographic keys. These keys must be trustworthy (truly random) and secure against faulty use of randomness and against leakage, and they must be available through a recovery procedure that is redundant (a high-availability constraint) yet secure and consistent, i.e., correct recovery has to be assured regardless of which recovery servers are available. The working environment consists of distributed key-generating parties that initiate the system and a set of recovery and operating agents that hold the key and may at times be off-line. These very practical and concrete security, redundancy (availability) and integrity requirements, typical of real-world highly sensitive services, must be met in a special environment where, as noted, not all recovery agents are available at all times, yet transfers of encrypted information are semi-synchronous and globally available to parties once they come on-line. In this architecture, it turned out that transferable zero-knowledge proofs, usually considered theoretical and costly, actually help overcome the operational and integrity constraints. We present the protocol we implemented, HADKEG: Highly Available Distributed Key Generation. It combines distributed key generation, special encryption and transferable zero-knowledge proofs to achieve the practical goal in this working environment.
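The consistency requirement above (every recovery agent's backup must hold the same key, and that must be checkable even by agents that come on-line later) is exactly the kind of statement a transferable, non-interactive zero-knowledge proof can carry. The following is an added example, not code from the paper or from the HADKEG implementation: it assumes ElGamal backups of one key share to two recovery agents and a Sigma-protocol proof of plaintext equality made non-interactive with the Fiat-Shamir transform, so that any third party can verify it off-line without talking to the prover. The group parameters are a constructed toy.

```python
import hashlib
import secrets

# Toy group, constructed for this example and far too small for real use:
# safe prime p = 2q + 1, and g = 4 generates the order-q subgroup of Z_p^*.
P, Q, G = 1019, 509, 4

def keygen():
    """Recovery-agent ElGamal key pair (x, y = g^x)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def encrypt(y, m):
    """ElGamal-encrypt share m (an element of the order-q subgroup) under y.
    Returns the ciphertext and the randomness r, which the prover keeps."""
    r = secrets.randbelow(Q - 1) + 1
    return (pow(G, r, P), m * pow(y, r, P) % P), r

def decrypt(x, ct):
    c1, c2 = ct
    return c2 * pow(c1, -x, P) % P

def _challenge(*vals):
    """Fiat-Shamir challenge: hash the full statement plus commitments.
    Binding the statement into the hash is what makes the proof transferable
    yet unusable for any other pair of ciphertexts."""
    h = hashlib.sha256(",".join(map(str, vals)).encode()).digest()
    return int.from_bytes(h, "big")

def prove_same_share(yA, ctA, r, yB, ctB, s):
    """Non-interactive proof that ctA (under yA, randomness r) and
    ctB (under yB, randomness s) encrypt the same share."""
    a, b = secrets.randbelow(Q), secrets.randbelow(Q)
    t1, t2 = pow(G, a, P), pow(G, b, P)
    t3 = pow(yA, a, P) * pow(yB, -b, P) % P          # y_A^a * y_B^-b
    e = _challenge(yA, *ctA, yB, *ctB, t1, t2, t3)
    return e, (a + e * r) % Q, (b + e * s) % Q

def verify_same_share(yA, ctA, yB, ctB, proof):
    """Anyone, including an agent that comes on-line later, can run this
    check from the public values alone; no interaction with the prover."""
    e, z1, z2 = proof
    (c1, c2), (d1, d2) = ctA, ctB
    ratio = c2 * pow(d2, -1, P) % P                   # c2 / d2 = y_A^r / y_B^s
    t1 = pow(G, z1, P) * pow(c1, -e, P) % P           # recovers g^a
    t2 = pow(G, z2, P) * pow(d1, -e, P) % P           # recovers g^b
    t3 = pow(yA, z1, P) * pow(yB, -z2, P) * pow(ratio, -e, P) % P
    return e == _challenge(yA, *ctA, yB, *ctB, t1, t2, t3)
```

Because the challenge is derived from the ciphertexts themselves, a valid proof cannot be re-attached to a different backup, which is what lets an agent that was off-line during generation trust the consistency of what it later retrieves.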
© 2020 Springer Nature Switzerland AG
Cite this paper
Yung, M., Paya, C., James, D. (2020). Zero-Knowledge to the Rescue: Consistent Redundant Backup of Keys Generated for Critical Financial Services. In: Dolev, S., Kolesnikov, V., Lodha, S., Weiss, G. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2020. Lecture Notes in Computer Science(), vol 12161. Springer, Cham. https://doi.org/10.1007/978-3-030-49785-9_2
DOI: https://doi.org/10.1007/978-3-030-49785-9_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-49784-2
Online ISBN: 978-3-030-49785-9