@inproceedings{f9167220a6994b5caf6ab83f25fffea8,
title = "Secure and practical threshold RSA",
abstract = "This article describes a scheme that outputs RSA signatures using a threshold mechanism in which each share has a bitlength close to the bitlength of the RSA modulus. The scheme is proven unforgeable under the standard RSA assumption against an honest but curious adversary that has static corruption capabilities. Previous practical and prov-ably secure schemes require to introduce a factor n! [33] and 2kt [15] in the exponent when computing the partial signatures, where n is the RSA modulus, t+1 the threshold and k a fixed parameter. Our scheme requires only t + 1 modular exponentiations and l + 1 modular multiplications, with t the threshold and l the number of participants.",
keywords = "Digital signature, Provable security, RSA, Threshold cryptography",
author = "J{\'e}r{\^o}me Dossogne and Fr{\'e}d{\'e}ric Lafitte and {Van Heule}, Dirk",
year = "2013",
doi = "10.1145/2523514.2523529",
language = "English",
isbn = "9781450324984",
series = "SIN 2013 - Proceedings of the 6th International Conference on Security of Information and Networks",
pages = "79--85",
booktitle = "SIN 2013 - Proceedings of the 6th International Conference on Security of Information and Networks",
note = "6th International Conference on Security of Information and Networks, SIN 2013 ; Conference date: 26-11-2013 Through 28-11-2013",
}