A threshold cryptosystem, the basis for the field of threshold cryptography, is a cryptosystem that protects information by encrypting it and distributing it among a cluster of fault-tolerant computers. The message is encrypted using a public key, and the corresponding private key is shared among the participating parties. With a threshold cryptosystem, in order to decrypt an encrypted message or to sign a message, several parties (more than some threshold number) must cooperate in the decryption or signature protocol.
History
Perhaps the first system with complete threshold properties for a trapdoor function (such as RSA) and a proof of security was published in 1994 by Alfredo De Santis, Yvo Desmedt, Yair Frankel, and Moti Yung.
Historically, only organizations with very valuable secrets, such as certificate authorities, the military, and governments made use of this technology. One of the earliest implementations was done in the 1990s by Certco for the planned deployment of the original Secure Electronic Transaction.
However, in October 2012, after a number of large public website password ciphertext compromises, RSA Security announced that it would release software to make the technology available to the general public.
In March 2019, the National Institute of Standards and Technology (NIST) conducted a workshop on threshold cryptography to establish consensus on applications, and define specifications. In July 2020, NIST published "Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives" as NISTIR 8214A.
Methodology
Let be the number of parties. Such a system is called (t,n)-threshold, if at least t of these parties can efficiently decrypt the ciphertext, while fewer than t have no useful information. Similarly it is possible to define a (t,n)-threshold signature scheme, where at least t parties are required for creating a signature.
Application
The most common application is in the storage of secrets in multiple locations to prevent the capture of the secret and the subsequent cryptanalysis of that system. Most often the secrets that are "split" are the secret key material of a public-key cryptography scheme or of a digital signature scheme. The method primarily ensures that the decryption or signing operation takes place only if a threshold of the secret sharers cooperates (otherwise the operation is not performed). This makes the method a primary trust-sharing mechanism, in addition to its storage-safety benefits.
Derivatives of asymmetric cryptography
Threshold versions of encryption or signature schemes can be built for many asymmetric cryptographic schemes. The natural goal of such schemes is to be as secure as the original scheme. Such threshold versions have been defined by the above and by the following:
* Damgård–Jurik cryptosystem
* DSA
* ElGamal
* ECDSA (these are used in protecting Bitcoin wallets)
* Paillier cryptosystem
* RSA
See also
* Broadcast encryption
* Distributed key generation
* Secret sharing
* Secure multi-party computation
* Shamir's Secret Sharing
* Threshold (disambiguation)