Pairing based threshold cryptography improving on libert-quisquater and Baek-Zheng

Abstract

In this paper we apply techniques from secret sharing and threshold decryption to show how to properly design an ID-based threshold system in which one assumes no trust in any party. In our scheme: We avoid that any single machine ever knew the master secret s of the trusted authority (TA). Instead only shares of it will be known by parties of the distributed TA and it can be seen as a virtual key. The threshold tT A and the number of shareholders nTA used by the distributed TA do not need to be identical to the ones used by user ID. Moreover, each user ID can use its own values for the threshold ti and the number of parties ni that will acquire shares. No single machine will ever know the secret key of the user - this means no single machine in the distributed TA and no shareholder of the user ID and not ID itself. Like Baek and Zheng suggest, such a scheme can be turned into a mediated system. © IFCA/Springer-Verlag Berlin Heidelberg 2006.