Skip to main content
Efficient Dealer-Less Threshold Sharing of Standard RSA
International Journal of Network Security (2009)
  • Maged Ibrahim, Helwan University
In [15] an efficient two-party, two-prime RSA function sharing protocol was proposed. The protocol proves efficiency over previously proposed protocols. When the sharing of standard RSA is considered, the protocol is faster than ever. In this paper, under the assumption that the adversary has eavesdropping and halting capabilities, we propose an efficient extension to the protocol of [15]. Our protocol enjoys the following properties (some of which are inherit from [15]): The protocol is fully distributed (i.e. does not require an honest dealer). It is a t-private and t-resilient (t,n)-threshold structure against a stationary adversary and also t-proactive (t,n)-threshold structure against a mobile adversary, where the number of players n>3t. The players jointly generate two-prime RSA modulus in a number of trials of cal{O}(ell/lgell) since, the protocol avoids the inefficient distributed biprimality test. An extension of the protocol allows the generation of a RSA modulus which is a composite of two safe primes. Distributed primality tests are performed over a public modulus not a shared secret one, which reduces complexity on a per trial basis. We must emphasize that robustness against malicious adversaries (adversaries that masquerade the corrupted player by altering, deleting, sending wrong values, etc.) are beyond the scope of this paper.
Publication Date
Citation Information
Maged Ibrahim. "Efficient Dealer-Less Threshold Sharing of Standard RSA" International Journal of Network Security Vol. 8 Iss. 2 (2009) p. 139 - 150
Available at: