Pairing based threshold cryptography improving on Libert-Quisquater and Baek-Zheng

Yvo Desmedt, Tanja Lange

    Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review


    In this paper we apply techniques from secret sharing and threshold decryption to show how to properly design an ID-based threshold system in which one assumes no trust in any party. In our scheme: We avoid that any single machine ever knew the master secret s of the trusted authority (TA). Instead only shares of it will be known by parties of the distributed TA and it can be seen as a virtual key. The threshold t(TA) and the number of shareholders n(TA) used by the distributed TA do not need to be identical to the ones used by user ID. Moreover, each user ID can use its own values for the threshold t(i) and the number of parties n(i) that will acquire shares. No single machine will ever know the secret key of the user - this means no single machine in the distributed TA and no shareholder of the user ID and Dot ID itself. Like Baek and Zheng suggest, such a scheme can be turned into a mediated system.
    Original languageEnglish
    Title of host publicationFinancial Cryptography and Data Security
    Publication date2006
    ISBN (Print)978-3-540-46255-2
    Publication statusPublished - 2006
    EventFinancial Cryptography 2006 - Anguilla, British West Indies
    Duration: 1 Jan 2006 → …
    Conference number: 10


    ConferenceFinancial Cryptography 2006
    CityAnguilla, British West Indies
    Period01/01/2006 → …
    SeriesLecture Notes in Computer Science


    Dive into the research topics of 'Pairing based threshold cryptography improving on Libert-Quisquater and Baek-Zheng'. Together they form a unique fingerprint.

    Cite this