Weaknesses in Shared RSA Key Generation Protocols
Cocks proposed a protocol for two parties to jointly generate a shared RSA key. His protocol was designed under the assumption that both parties follow the protocol. Cocks proposed a modification to the protocol to prevent certain attacks by an active adversary. The paper presents attacks that show that the Cocks protocols are not secure when one party deviates from the protocol.
KeywordsActive Adversary Secret Information Passive Adversary 30th STOC Private Decryption
Unable to display preview. Download preview PDF.
- 1.M. Bellare and S. Goldwasser, Lecture Notes in Cryptography. 1996. Available at http://www-cse.ucsd.edu/users/mihir/
- 2.S.R. Blackburn, S. Blake-Wilson, M. Burmester and S.D. Galbraith, ‘Shared generation of shared RSA keys’ Technical report CORR 98-19, University of Waterloo. Available from http://www.cacr.math.uwaterloo.ca/
- 3.D. Boneh and M. Franklin, ‘Efficient generation of shared RSA keys’, in B.S. Kaliski Jr., editor, Advances in Cryptology-CRYPTO ‘97, Lecture Notes in Computer Science Vol. 1294, Springer-Verlag, 1997, pp. 425–439.Google Scholar
- 4.C. Cocks, ‘Split knowledge generation of RSA parameters’, in M. Darnell, editor, Cryptography and Coding: 6th IMA Conference, Lecture Notes in Computer Science Volume 1355, Springer-Verlag, 1997, pp. 89–95.Google Scholar
- 5.C. Cocks, ‘Split generation of RSA parameters with multiple participants’, 1998. Available at http://www.cesg.gov.uk
- 6.D.E. Denning and D.K. Branstad, ‘A taxonomy of key escrow encryption schemes’, Communications of the A.C.M., Vol. 39,No.1 (1996), pp. 24–40.Google Scholar
- 7.A. Fiat and A. Shamir, ‘How to prove yourself: Practical solutions to identification and signature problems’, in A.M. Odlyzko, editor, Advances in Cryptology-CRYPTO ‘86, Lecture Notes in Computer Science Vol. 263, Springer-Verlag, 1987, pp. 186–194.Google Scholar
- 8.Y. Frankel, P.D. MacKenzie, M. Yung, ‘Robust efficient distributed RSA key generation’, In Proc. of 30th STOC, 1998, pp. 663–672.Google Scholar
- 10.N. Gilboa, ‘Two party RSA key generation’, in M. Weiner, editor, Advances in Cryptology-CRYPTO’ 99, Lecture Notes in Computer Science 1666, Springer-Verlag 1999, pp. 116–129.Google Scholar
- 11.G. Poupard, J. Stern, ‘Generation of shared RSA keys by two parties’, In ASI-ACRYPT’ 98, 1998, pp. 357–371.Google Scholar