Experimenting with Shared Generation of RSA keys
Authors: M. Malkin, T. Wu, and D. Boneh
Abstract:
We describe an implementation of a distributed algorithm to generate a
shared RSA key. At the end of the computation, an RSA modulus N=pq is
publicly known. All servers involved in the computation are convinced
that N is a product of two large primes, however none of them know
the factorization of N. In addition a public encryption exponent is
publicly known and each server holds a share of the private exponent.
Such a sharing of an RSA key has many applications and can be used to
secure sensitive private keys. Previously, the only known method to
generate a shared RSA key was through a trusted dealer. Our
implementation demonstrates the effectiveness of shared RSA key
generation eliminating the need for a trusted dealer.
Reference:
In proceedings of the Internet Society's 1999 Symposium on Network and Distributed System Security (NDSS), pp. 43--56
Full paper: PostScript [first posted 10/1998 ]
Related papers: See the full paper describing the algorithm.