3. Introduction[1]
In cryptography, a cryptosystem is called a threshold cryptosystem
if, in order to decrypt an encrypted message or to sign a message,
several parties must cooperate in the decryption.
The message is encrypted using a public key, and the corresponding
private key is shared among the participating parties.
Threshold versions of encryption can be built for many asymmetric
cryptographic schemes.
4. Applications[2]
Only organizations with very valuable secrets, such as certificate authorities, militaries
and governments, would make use of the technology.
In October 2012, after a number of large public website password ciphertext
compromises, RSA Security announced that it would be releasing software that makes
the technology available to the general public.
Threshold cryptography is a secret sharing technique that finds applications in many fields,
including cloud computing (remote servers on the internet used to store, manage and process data),
authentication and sensor networks, digital
signatures, and electronic voting.
5. Limitations[3]
The dark side of threshold cryptography has never been addressed seriously.
We investigate some possible abuses of threshold cryptography
that result from users not possessing the entire private key due to threshold splitting.
Examples:
1: Subliminal channels in strong (randomized) signature schemes.
2: Employing authentication for encryption.
3: Kleptographic exploitation, etc.
6. Challenges[4]
Challenge–response authentication
One party generates a question (the challenge) and the other party must give a valid answer
(the response) in order to be authenticated.
The simplest example of a challenge–response protocol is password authentication:
the challenge is asking for the password and the valid response is the correct password.
When communications security methods are unavailable, the U.S. military uses the AKAC1553
TRIAD numeral cipher to authenticate and encrypt some communications.
TRIAD includes a list of three-letter challenge codes, which the verifier is supposed to choose
randomly from, and random three-letter responses to them.
For added security, the codes are only valid for a particular time period, which is ordinarily 24 hours.
7. Solutions[5]
In the threshold setting, we would like to implement, via efficient protocols, the most secure
cryptosystems and signature schemes.
We would also like to make our protocols secure in the strongest possible model of faults.
The size of the threshold: how many servers can be corrupted by the adversary without any harm to the
service (e.g. signature or decryption) that these servers implement?
Model of communication: how realistic are the requirements we place on it? Do we require
synchronous or partially synchronous communication, authenticated broadcast and secure links
between servers?