Abstract by anuja a sonalker on Asymmetric Key Distribution


Fig 5.1: Dual Threshold Model of the Special Server


Download 217.42 Kb.
Pdf ko'rish
bet39/43
Sana19.04.2023
Hajmi217.42 Kb.
#1365410
1   ...   35   36   37   38   39   40   41   42   43
Bog'liq
etd

Fig 5.1: Dual Threshold Model of the Special Server. 
5.1 Description 
In order to maintain tolerance, we introduce a second threshold here within the 
Distributed Special Servers. If the Special Server is divided into m Distributed Special 
Servers (peers among themselves) then any f out of them may be able to combine to form 
the Special Server’s legal share. This gives a dual stage hierarchy of share servers and 
ensures that as long as a collaboration of a threshold number of Distributed Special 
Servers among the client shares exists without compromise, the scheme can be 
successful. Thus as long as f out of the m distributed special servers are not compromised 
the Special Server cannot be influenced. The tolerance level here is f-m and again, in this 
case too, a total of at least f-m+1 distributed special servers need to be compromised 
before the good servers can be stopped from signing legitimate certificate requests. Bad 
certificates can still not be signed since m-f+1 < f 
*
- it is not enough to make the 
threshold mark. This threshold scheme is identical to the one implemented among the 
Share Servers.
 
* since
(
2
m
+ 1) 

t
<
m; 
similar to the requirement of t-out-of-k threshold.
 


54 
 
Secret Key
Generated by trusted party 
Special Server Share Shared server Share 
m Distributed Special Servers k Share servers
f-out-of m signature shares t-out-of k signature shares 
ƒ
Signed Message. 
Fig 5.2: Asymmetric Key Distribution Algorithm with Dual Threshold.
 
As shown above in Fig 7, the Trusted Dealer now has to generate additional key shares 
for each of the Special Server’s compulsory key shares. It divides each SS key share into 
f smaller key shares of the same size. These are distributed among the m distributed 
special servers in 
1
+

f
m
C
m
f
ways using the key share reuse technique. The Distributed 
Special Servers now have 
1
+

f
m
C
m
f
· 
1
+

t
k
C
k
t
sets of key shares. Though this technique 
causes an explosion of key shares, it is still feasible compared to the scheme without key 
share reuse. It also provides more randomness than the classical threshold schemes. For 
example, reusing the previous example of 5-out-of-7 share servers, we have 
1
5
7
7
5
+

C

3
21
= 7 sets of share server shares. If the Special Server threshold is now 3-out-of-5, we 


55 
have 
1
3
5
5
3
+

C
= 10 div3 +10mod 3 = 4 sets of distributed special servers for each set of 
share server shares. This would result in a total of 4 · 7 = 21 sets, which is 90% lesser 
than 21· 10 = 210 sets (without reuse). Also, there exist a better degree of randomness 
here as compared to the classical secret sharing scheme[1] due to a larger key space.
The f-out-of m threshold and t-out-of-k threshold’s are mutually exclusive - only t-out-of 
k and f-out of the m shares created could together form a successful transaction. 
Furthermore, if collectively t + f shares are applied out of k + m servers without 
observing the thresholds t and f, the Certificate Signing Request would be unsuccessful. 

Download 217.42 Kb.

Do'stlaringiz bilan baham:
1   ...   35   36   37   38   39   40   41   42   43




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2024
ma'muriyatiga murojaat qiling