Experimenting with Shared Generation of RSA keys

Author(s): Michael Malkin , Thomas Wu, Dan Boneh

Download: Paper (PDF)

Date: 4 Feb 1999

Document Type: Reports

Additional Documents: Slides

Associated Event: NDSS Symposium 1999

Abstract:

We describe an implementation of a distributed algorithm to generate a shared RSA key. At the end of the computation, an RSA modulus N = pq is publicly known. All servers involved in the computation are convinced that N is a product of two large primes, however none of them know the factorization of N. In addition, a public encryption exponent is publicly known and each server holds a share of the private exponent. Such a sharing of an RSA key has many applications and can be used to secure sensitive private keys. Previously, the only known method to generate a shared RSA key was through a trusted dealer. Our implementation demonstrates the effectiveness of shared RSA key generation, eliminating the need for a trusted dealer.