Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Generate private key in distributed fashion #8

Open
osresearch opened this issue Feb 22, 2020 · 1 comment
Open

Generate private key in distributed fashion #8

osresearch opened this issue Feb 22, 2020 · 1 comment
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@osresearch
Copy link
Owner

osresearch commented Feb 22, 2020

There are lots of papers on using oblivious transfer or other mechanisms to generate the private key so that it never lives in one place. An example protocol: https://medium.com/@benny.pinkas/fast-distributed-rsa-key-generation-against-malicious-adversaries-faaaab96821d

Alice learns shares p1 and q1, and Bob learns shares p2 and q2, such that p=p1+p2 and q=q1+q2 are primes, and N=pq. None of the parties has any other information about the shares of the other party. Alice and Bob then run a short protocol for computing shares d1, d2 of the decryption exponent.

If the protocol is not extensible to more than two parties, Alice and Bob can further split their d1 and d2 such that the additional parties have parts from each Alice and Bob, but neither Alice nor Bob know any of the private shares.

@osresearch osresearch added enhancement New feature or request help wanted Extra attention is needed labels Feb 22, 2020
@osresearch
Copy link
Owner Author

Looks like the authors of that particular paper have a company selling distributed HSM products, which is why they didn't publish any source code to go with it. Boo.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Development

No branches or pull requests

1 participant