Threshold cryptosystem
From Wikipedia, the free encyclopedia
In cryptography, a cryptosystem is called a 'threshold cryptosystem', if in order to decrypt an encrypted message a number of parties exceeding a threshold is required to cooperate in the decryption protocol. The message is encrypted using a public key and the corresponding private key is shared among the participating parties. Let n be the number of parties. Such a system is called (t,n)-threshold, if at least t of these parties can efficiently decrypt the ciphertext, while less than t have no useful information. Similarly it is possible to define (t,n)-threshold signature scheme, where at least t parties are required for creating a signature.
Threshold versions of encryption schemes can be build for many public encryption schemes. The natural goal of such schemes is to be as secure as the original scheme. Such threshold versions have been defined for:
[edit] See also
[edit] References
- ^ Ivan Damgård, Mads Jurik: A Length-Flexible Threshold Cryptosystem with Applications. ACISP 2003: 350-364
- ^ Ivan Damgård, Mats Jurik: A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System. Public Key Cryptography 2001: 119-136
| Algorithms: Cramer-Shoup | DH | DSA | ECDH | ECDSA | EKE | ElGamal | GMR | IES | Lamport | MQV | NTRUEncrypt | NTRUSign | Paillier | Rabin | RSA | Schnorr | SPEKE | SRP | XTR |
| Theory: Discrete logarithm | Elliptic curve cryptography | RSA problem |
| Standardization: ANS X9F1 | CRYPTREC | IEEE P1363 | NESSIE | NSA Suite B Misc: Digital signature | Fingerprint | PKI | Web of trust | Key size |
| History of cryptography | Cryptanalysis | Cryptography portal | Topics in cryptography |
| Symmetric-key algorithm | Block cipher | Stream cipher | Public-key cryptography | Cryptographic hash function | Message authentication code | Random numbers |
 |
This cryptography-related article is a stub. You can help Wikipedia by expanding it. |
