CiteSeerX — Search Results — Multiparty Generation of an RSA Modulus.

Results 1 - 10 of 72

Efficient generation of shared RSA keys

by Dan Boneh, Matthew Franklin - Advances in Cryptology -- CRYPTO 97 , 1997

"... We describe efficient techniques for a number of parties to jointly generate an RSA key. At the end of the protocol an RSA modulus N = pq is publicly known. None of the parties know the factorization of N. In addition a public encryption exponent is publicly known and each party holds a share of the ..."

Abstract - Cited by 150 (5 self) - Add to MetaCart

We describe efficient techniques for a number of parties to jointly generate an RSA key. At the end of the protocol an RSA modulus N = pq is publicly known. None of the parties know the factorization of N. In addition a public encryption exponent is publicly known and each party holds a share

RSA modulus generation in the two-party case

by Gérald Gavin

"... Abstract. In this paper, secure two-party protocols are provided in order to securely generate a random k-bit RSA modulus n keeping its factorization secret. We first show that most existing two-party protocols based on Boneh’s test are not correct: an RSA modulus can be output in the malicious case ..."

Abstract - Add to MetaCart

Abstract. In this paper, secure two-party protocols are provided in order to securely generate a random k-bit RSA modulus n keeping its factorization secret. We first show that most existing two-party protocols based on Boneh’s test are not correct: an RSA modulus can be output in the malicious

Experimental Performance of Shared RSA Modulus Generation

by Rebecca N. Wright, Sara Spalding - In proceedings of SODA '99 , 1998

"... y ..."

Abstract - Cited by 3 (0 self) - Add to MetaCart

Abstract not found

RSA-Based Undeniable Signatures

by Rosario Gennaro, Hugo Krawczyk, Tal Rabin

"... We present the first undeniable signatures scheme based on RSA. Since their introduction in 1989 a significant amount of work has been devoted to the investigation of undeniable signatures. So far, this work has been based on discrete log systems. In contrast, our scheme uses regular RSA signature ..."

Abstract - Cited by 78 (5 self) - Add to MetaCart

signatures to generate undeniable signatures. In this new setting, both the signature and verification exponents of RSA are kept secret by the signer, while the public key consists of a composite modulus and a sample RSA signature on a single public message. Our scheme possesses several attractive properties

Experimenting with Shared Generation of RSA keys

by Michael Malkin, Thomas Wu, Dan Boneh , 1999

"... We describe an implementation of a distributed algorithm to generate a shared RSA key. At the end of the computation, an RSA modulus N = pq is publicly known. All servers involved in the computation are convinced that N is a product of two large primes, however none of them know the factorization of ..."

Abstract - Cited by 40 (0 self) - Add to MetaCart

We describe an implementation of a distributed algorithm to generate a shared RSA key. At the end of the computation, an RSA modulus N = pq is publicly known. All servers involved in the computation are convinced that N is a product of two large primes, however none of them know the factorization

Two Party RSA Key Generation

by Niv Gilboa - In Crypto ’99, LNCS 1666 , 1999

"... . We present a protocol for two parties to generate an RSA key in a distributed manner. At the end of the protocol the public key: a modulus N = PQ, and an encryption exponent e are known to both parties. Individually, neither party obtains information about the decryption key d and the prime fa ..."

Abstract - Cited by 34 (0 self) - Add to MetaCart

. We present a protocol for two parties to generate an RSA key in a distributed manner. At the end of the protocol the public key: a modulus N = PQ, and an encryption exponent e are known to both parties. Individually, neither party obtains information about the decryption key d and the prime

Fully distributed threshold RSA under standard assumptions

by Pierre-Alain Fouque, Jacques Stern - ADVANCES IN CRYPTOLOGY — ASIACRYPT 2001, VOLUME ??? OF LNCS , 2001

"... The aim of this article is to propose a fully distributed environment for the RSA scheme. What we have in mind is highly sensitive applications and even if we are ready to pay a price in terms of efficiency, we do not want any compromise of the security assumptions that we make. Recently Shoup propo ..."

Abstract - Cited by 24 (3 self) - Add to MetaCart

special assumption on the RSA modulus and this kind of RSA moduli cannot be easily generated in an efficient way with many players. Of course, it is still possible to call theoretical results on multiparty computation, but we cannot hope to design efficient protocols. The only practical result to generate

Digitally Watermarking RSA Moduli

by Anna Johnston , 2001

"... The moduli used in RSA (see [5]) can be generated by many di#erent sources. The generator of that modulus knows its factorization. They have the ability to forge signatures or break any system based on this moduli. If a moduli and the RSA parameters associated with it were generated by a reputable s ..."

Abstract - Add to MetaCart

The moduli used in RSA (see [5]) can be generated by many di#erent sources. The generator of that modulus knows its factorization. They have the ability to forge signatures or break any system based on this moduli. If a moduli and the RSA parameters associated with it were generated by a reputable

RSA Key Generation with Verifiable Randomness

by Ari Juels, Jorge Guajardo - In Public Key Cryptography 2002, LNCS 2274 , 2002

"... Abstract. We consider the problem of proving that a user has selected and correctly employed a truly random seed in the generation of her RSA key pair. This task is related to the problem of key validation, the process whereby a user proves to another party that her key pair has been generated secur ..."

Abstract - Cited by 9 (2 self) - Add to MetaCart

of attacks, e.g., that an RSA modulus is resistant to elliptic-curve-based factoring attacks. This approach results in a rather unsatisfying laundry list of security tests for keys. We propose a new approach that we refer to as key generation with verifiable randomness (KEGVER). Our aim is to show in zero

Generation of Shared RSA Keys by Two Parties

by Guillaume Poupard, Jacques Stern - in Asiacrypt’98 , 1998

"... At Crypto'97 Boneh and Franklin proposed a protocol to efficiently generate shared RSA keys. In the case of two parties, the drawback of their scheme is the need of an independent third party. Furthermore, the security is guaranteed only if the three players follow the protocol. In this paper, ..."

Abstract - Cited by 20 (2 self) - Add to MetaCart

At Crypto'97 Boneh and Franklin proposed a protocol to efficiently generate shared RSA keys. In the case of two parties, the drawback of their scheme is the need of an independent third party. Furthermore, the security is guaranteed only if the three players follow the protocol. In this paper

Results 1 - 10 of 72

Tools