In a threshold RSA signature scheme, dishonest participants can disrupt signature generation by submitting junk instead of their partial signatures. A threshold signature system is robust if it allows generation of correct signatures for a group of t honest participants, and in the presence of malicious participants. The purpose of this paper is two-fold. First we show that a robust (t, n) threshold RSA signature scheme, proposed by Rabin in Crypto'98, lacks an essential property of (t, n) threshold schemes and allows an adversary to forge signatures. Then we propose a new approach to the construction of t-robust (t, n) threshold RSA signature scheme which can be seen as the dual to Rabin's approach. We discuss the efficiency of our system and show that when t is small (compared to n) our scheme is much more efficient than other existing schemes.
CITATION STYLE
Safavi-Naini, R., Wang, H., & Lam, K. Y. (2000). A new approach to robust threshold RSA signature schemes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1787, pp. 184–196). Springer Verlag. https://doi.org/10.1007/10719994_15
Mendeley helps you to discover research relevant for your work.