Robust Protocol for Generating Shared RSA Parameters

  • Ari Moesriami Barmawi
  • Shingo Takada
  • Norihisa Doi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1746)


This paper describes how n parties can jointly generate the parameters for the RSA encryption system while being robust to prevent attacks from cheaters and malicious parties. The proposed protocol generates a public modulus number, without the parties knowing the factorization of that number. Our proposed protocol is similar to that of Boneh-Franklin's protocol. However, when there are two communicating parties our proposed protocol does not need the help of a third party. By using our proposed protocol, we can detect the presence of malicious parties and cheaters among the authorized user. An analysis shows that our proposed protocol has less computational complexity than the protocol of Frankel-MacKenzie-Yung.


Communication Complexity Modular Exponentiation Encrypt Message Multiplicative Inverse Large Prime Factor 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Boneh, D. and Franklin, M.: Efficient Generation of Shared RSA Keys]. Advances in Cryptology-Crypto’ 97. Lecture Notes in Computer Science. Springer Verlag (1997), 423–439.Google Scholar
  2. 2.
    Frankel, Y., MacKenzie, P D., Yung, M.: Robust Efficient Distributed RSA-Key Generation. Proceedings STOC 98. ACM (1998).Google Scholar
  3. 3.
    Poupard, G. and Stern, J.: Generation of Shared RSA Keys by Two Parties. Proceedings of ASIACRYPT 98. Lecture Notes in Computer Science. Springer Verlag (1998), 11–24.Google Scholar
  4. 4.
    Malkin, M., Wu, T. and Boneh, D.: Experimenting with Shared Generation of RSA Keys. Proceedings of Internet Society’s 1999 Symposium on Network and Distributed Network Security, (1999).Google Scholar
  5. 5.
    Cocks, C.: Split Knowledge Generation of RSA Parameters. Proceedings of 6th International Conference of IMA on Cryptography and Coding. Lecture Notes in Computer Science. Springer Verlag (1997), 89–95.Google Scholar
  6. 6.
    Feige, U., Fiat, A. and Shamir, A.: Zero-knowledge Proofs of Identity. Journal of Cryptology, 1, (1988), 77–94.zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Fiat, A. and Shamir, A.: How to Prove Yourself: Practical Solution to Identification Problems. Crypto’ 86. Lecture Notes in Computer Science (1986), 186–194.Google Scholar
  8. 8.
    Ohta, K. and Okamoto, T.: A modification of Fiat-Shamir scheme. Crypto’ 88. Lecture Notes in Computer Science. Springer Verlag (1988), 232–243.Google Scholar
  9. 9.
    Ong, H. and Schnorr, C.: Fast Signature Generation with a Fiat-Shamir-like Scheme. Eurocrypt’ 90. Lecture Notes of Computer Science. Springer Verlag (1990), 432–440.Google Scholar
  10. 10.
    Rivest, R.L., Shamir, A. and Adleman, L.: Method for Obtaining Signatures and Public-Key Cryptosystems. Communication of the ACM (1978).Google Scholar
  11. 11.
    Schneier, B.: Applied Cryptography: Protocols, Algorithms, and Source Code in C. John Wiley and Sons (1994).Google Scholar
  12. 12.
    Barmawi, A.M., Takada, S., Doi, N.: A Proposal for Generating Shared RSA Parameters. Proceeding of IWSEC 99, September, 1999.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Ari Moesriami Barmawi
    • 1
  • Shingo Takada
    • 1
  • Norihisa Doi
    • 1
  1. 1.Department of Computer Science, Graduate School of Science and TechnologyKeio UniversityYokohamaJapan

Personalised recommendations