ABSTRACT 
BY 
 
Anuja A Sonalker 
on 
Asymmetric Key Distribution. 
(Under the direction of Dr. Gregory T. Byrd)
Currently, in Threshold Public Key Systems key shares are generated uniformly and 
distributed in the same manner to every participant. We propose a new scheme, 
Asymmetric Key Distribution (AKD), in which one share server is provided with a larger, 
unequal chunk of the original secret key. Asymmetric Key Distribution is a unique 
scheme for generating and distributing unequal shares via a Trusted Dealer to all the 
registered peers in the system such that without the combination of the single compulsory 
share from the Special Server no transaction can be completed. This application is aimed 
for circumstances where a single party needs to co-exist within a group of semi-trusted 
peers, or in a coalition where every entity should have a choice to participate and one of 
the entities needs to be privileged with more powers. 
This thesis presents the algorithm and security model for Asymmetric Key Distribution, 
along with all the assumptions and dependencies within the boundaries of which this 
algorithm is guaranteed to be secure. Its robustness lies in its simplicity and in its 
distributed nature. We address all security concerns related to the model including 
compromised share servers and cryptanalytic attacks.

A variation, called the Dual Threshold Scheme, is created to reduce the vulnerability in 
the algorithm, namely, the compromise of the Special Server and its secret share. In this 
scheme, a combination of another threshold number of Distributed Special Servers must 
combine to collectively generate a share equivalent to the Special Server’s share. This 
flexibility allows us to adjust our threshold scheme for the environment. 
We describe a Java-based implementation of the AKD algorithm, using Remote Method 
Invocation (RMI) for communication among share servers. A typical scenario of a 
Trusted Dealer, a Special Server and a number of Share Servers was created, where timed 
asymmetric key generation and distribution was carried out after which the servers 
initiated and carried out certificate signing transactions in the appropriated manner. As an 
interesting exercise, the share servers were corrupted so that they would try to exclude 
the Special Server in the transactions and try to form its share themselves, to observe the 
consequence. All their efforts were futile.
Another interesting aspect was the key generation timing. Key generation is known to be 
a very time-extensive process but the key share reuse concept used in this implementation 
reduced the time for key generation by 66-90% of the classical key generation time.