Article

Asynchronous verifiable secret sharing and proactive cryptosystems

Authors:
Christian Cachin

IBM Research, Zurich Research Laboratory, Rüschlikon, Switzerland

IBM Research, Zurich Research Laboratory, Rüschlikon, Switzerland
View Profile

,
Klaus Kursawe

IBM Research, Zurich Research Laboratory, Rüschlikon, Switzerland

IBM Research, Zurich Research Laboratory, Rüschlikon, Switzerland
View Profile

,
Anna Lysyanskaya

IBM Research, Zurich Research Laboratory, Rüschlikon, Switzerland

IBM Research, Zurich Research Laboratory, Rüschlikon, Switzerland
View Profile

,
Reto Strobl

IBM Research, Zurich Research Laboratory, Rüschlikon, Switzerland

IBM Research, Zurich Research Laboratory, Rüschlikon, Switzerland
View Profile

CCS '02: Proceedings of the 9th ACM conference on Computer and communications securityNovember 2002Pages 88–97https://doi.org/10.1145/586110.586124

Published:18 November 2002Publication History

CCS '02: Proceedings of the 9th ACM conference on Computer and communications security

Pages 88–97

ABSTRACT

Verifiable secret sharing is an important primitive in distributed cryptography. With the growing interest in the deployment of threshold cryptosystems in practice, the traditional assumption of a synchronous network has to be reconsidered and generalized to an asynchronous model. This paper proposes the first practical verifiable secret sharing protocol for asynchronous networks. The protocol creates a discrete logarithm-based sharing and uses only a quadratic number of messages in the number of participating servers. It yields the first asynchronous Byzantine agreement protocol in the standard model whose efficiency makes it suitable for use in practice. Proactive cryptosystems are another important application of verifiable secret sharing. The second part of this paper introduces proactive cryptosystems in asynchronous networks and presents an efficient protocol for refreshing the shares of a secret key for discrete logarithm-based sharings.

References

M. Ben-Or, R. Canetti, and O. Goldreich. Asynchronous secure computation. In Proc. 25th Annual ACM Symp. on Theory of Computing, 1993.]] Google ScholarDigital Library
G. Bracha. An asynchronous {(n-1)/3}-resilient consensus protocol. In Proc. 3rd ACM Symp. on Principles of Dist. Computing, pages 154--162, 1984.]] Google ScholarDigital Library
C. Cachin, K. Kursawe, F. Petzold, and V. Shoup. Secure and efficient asynchronous broadcast protocols (extended abstract). In J. Kilian, editor, CRYPTO 2001, volume 2139 of LNCS, pages 524--541. Springer, 2001.]] Google ScholarDigital Library
C. Cachin, K. Kursawe, and V. Shoup. Random oracles in Constantinople: Practical asynchronous Byzantine agreement using cryptography. In Proc. 19th ACM Symp. on Principles of Distributed Computing, pages 123--132, 2000.]] Google ScholarDigital Library
R. Canetti. Studies in Secure Multiparty Computation and Applications. PhD thesis, Weizmann Institute, 1995.]]Google Scholar
R. Canetti, R. Gennaro, A. Herzberg, and D. Naor. Proactive security: Long-term protection against break-ins. RSA Laboratories' CryptoBytes, 3(1), 1997.]]Google Scholar
R. Canetti, O. Goldreich, and S. Halevi. The random oracle methodology, revisited. In Proc. 30th Annual ACM Symp. on Theory of Computing, pages 209--218, 1998.]] Google ScholarDigital Library
R. Canetti, S. Halevi, and A. Herzberg. Maintaining authenticated communication in the presence of break-ins. J. Cryptology, 13(1):61--106, 2000.]]Google ScholarDigital Library
R. Canetti and T. Rabin. Fast asynchronous Byzantine agreement with optimal resilience. In Proc. 25th Annual ACM Symp. on Theory of Computing, pages 42--51, 1993.]] Google ScholarDigital Library
M. Castro and B. Liskov. Proactive recovery in Byzantine-fault-tolerant systems. In Proc. 3rd USENIX Symposium on Operating System Design and Implementation (OSDI'99), 1999.]] Google ScholarDigital Library
B. Chor, S. Goldwasser, S. Micali, and B. Awerbuch. Verifiable secret sharing and achieving simultaneity in the presence of faults. In Proc. 26th IEEE Symp. on Found. of Computer Science, pages 383--395, 1985.]]Google ScholarDigital Library
Y. Desmedt. Threshold cryptography. European Trans. on Telecommunications, 5(4):449--457, 1994.]]Google ScholarCross Ref
M. J. Fischer, N. A. Lynch, and M. S. Paterson. Impossibility of distributed consensus with one faulty process. J. ACM, 32(2):374--382, Apr. 1985.]] Google ScholarDigital Library
R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Secure key generation for discrete-log based cryptosystems. In J. Stern, editor, EUROCRYPT '99, volume 1592 of LNCS, pages 295--310. Springer, 1999.]]Google Scholar
S. Goldwasser, S. Micali, and C. Rackoff. The knowledge complexity of interactive proof systems. SIAM J. Computing, 18(1):186--208, Feb. 1989.]] Google ScholarDigital Library
S. Goldwasser, S. Micali, and R. L. Rivest. A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Computing, 17(2):281--308, Apr. 1988.]] Google ScholarDigital Library
V. Hadzilacos and S. Toueg. Fault-tolerant broadcasts and related problems. In S. J. Mullender, editor, Distributed Systems. ACM Press & Addison-Wesley, New York, 1993.]] Google ScholarDigital Library
A. Herzberg, S. Jarecki, H. Krawczyk, and M. Yung. Proactive secret sharing or how to cope with perpetual leakage. In D. Coppersmith, editor, CRYPTO '95, volume 963 of LNCS, pages 339--352. Springer, 1995.]] Google ScholarDigital Library
L. Lamport, R. Shostak, and M. Pease. The Byzantine generals problem. ACM Trans. on Programming Languages and Systems, 4(3):382--401, July 1982.]] Google ScholarDigital Library
R. Ostrovsky and M. Yung. How to withstand mobile virus attacks. In Proc. 10th ACM Symp. on Principles of Distributed Computing, pages 51--59, 1991.]] Google ScholarDigital Library
M. Pease, R. Shostak, and L. Lamport. Reaching agreement in the presence of faults. J. ACM, 27(2):228--234, Apr. 1980.]] Google ScholarDigital Library
T. P. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In J. Feigenbaum, editor, CRYPTO '91, volume 576 of LNCS, pages 129--140. Springer, 1992.]] Google ScholarDigital Library
V. Shoup. Practical threshold signatures. In B. Preneel, editor, EUROCRYPT 2000, volume 1087 of LNCS, pages 207--220. Springer, 2000.]]Google Scholar
L. Zhou. Towards fault-tolerant and secure on-line services. PhD thesis, Cornell University, USA, 2001.]] Google ScholarDigital Library

Asynchronous verifiable secret sharing and proactive cryptosystems
1. Information systems
  1. Data management systems
    1. Data structures
      1. Data layout
2. Security and privacy

Recommendations

Paillier-based publicly verifiable (non-interactive) secret sharing

A verifiable secret sharing is a secret sharing scheme with an untrusted dealer that allows participants to verify validity of their own shares. A publicly verifiable secret sharing (PVSS) scheme is a verifiable secret sharing scheme that allows a third ...
Read More
Attacks to some verifiable multi-secret sharing schemes and two improved schemes

Secret sharing plays an important role in protecting confidential information from being lost, destroyed, or falling into wrong hands. Verifiable multi-secret sharing enables a dealer to share multiple secrets among a group of participants such that the ...
Read More
Non-malleable secret sharing
STOC 2018: Proceedings of the 50th Annual ACM SIGACT Symposium on Theory of Computing

A number of works have focused on the setting where an adversary tampers with the shares of a secret sharing scheme. This includes literature on verifiable secret sharing, algebraic manipulation detection(AMD) codes, and, error correcting or detecting ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CCS '02: Proceedings of the 9th ACM conference on Computer and communications security
November 2002
284 pages
ISBN:1581136129
DOI:10.1145/586110
Editor:
Vijay Atluri
Rutgers University
,
General Chair:
Sushil Jajodia
George Mason University
,
Program Chair:
Ravi Sandhu
SingleSignOn.Net and George Mason University
Copyright © 2002 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 18 November 2002
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
asynchronous
model
proactive
secret sharing
Qualifiers
- Article
Conference

Acceptance Rates
Overall Acceptance Rate1,261of6,999submissions,18%
Upcoming Conference
CCS '24

Sponsor:

sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 98
  Total Citations
  View Citations
- 1,471
  Total Downloads
- Downloads (Last 12 months)78
- Downloads (Last 6 weeks)12
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Asynchronous verifiable secret sharing and proactive cryptosystems

CCS '02: Proceedings of the 9th ACM conference on Computer and communications security

ABSTRACT

References

Cited By

Recommendations

Paillier-based publicly verifiable (non-interactive) secret sharing

Attacks to some verifiable multi-secret sharing schemes and two improved schemes

Non-malleable secret sharing