公開検証可RSA型鍵分散方式

Presentation	2001/5/10 A Simple Approach to Secretly Sharing a Factoring Witness in Publicly-Verifiable manner Eiichiro Fujisaki,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	We give a simple solution to secretly sharing a factoring witness (or RSA secret-key d) in a publicly verifiable manner. This PVSS protocol is useful for various cryptosystems such as the fair-cryptosystem of RSA and the threshold and proactive RSA. As a primitive, we present a proof-of-knowledge protocol that works in a cyclic group of an unknown order. For this kind of protocols, the proof of soundness seems to have been provided incompletely in the literature [11,17,6], even though they appear in many applications, for instance, PVSS [20,12], group signature [4,5] and optimistic fair-exchange [2,1]. We provide a rigorous proof for our protocol. As PVSS for factoring witness, our solution is conceptually simple and the first practical and provably-secure scheme under some reasonable assumptions and, as PVSS for discrete log, it is almost at simple as that in [18].
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	Publicly verifiable secret sharing / Okamoto-Uchiyama encryption / Verifiable encryption.
Paper #	ISEC2001-4
Date of Issue

Paper Information
Registration To	Information Security (ISEC)
Language	ENG
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	A Simple Approach to Secretly Sharing a Factoring Witness in Publicly-Verifiable manner
Sub Title (in English)
Keyword(1)	Publicly verifiable secret sharing
Keyword(2)	Okamoto-Uchiyama encryption
Keyword(3)	Verifiable encryption.
1st Author's Name	Eiichiro Fujisaki
1st Author's Affiliation	NTT Laboratories()
Date	2001/5/10
Paper #	ISEC2001-4
Volume (vol)	vol.101
Number (no)	47
Page	pp.pp.-
#Pages	8
Date of Issue