Abstract
This paper proposes a threshold key escrow scheme based on ElGamal cryptosystem. In the scheme, every escrow agency gets sub-message using his secret shadow. Each time monitor agency can recover the whole message (session key) by using k sub-messages. But nothing about the whole message can be obtained when the number of the sub-messages is less then k. The attacker cannot get any information about system key and secret shadow by the known sub-messages. The proposed scheme not only solves the problem of once monitor, monitor for ever, but also solves the Shamir's problem. In the scheme, every escrow agency can verify correctness of the secret shadow that the escrows during secret shadow distribution and monitor agency can exactly decide which escrow agency forges or tampers secret shadow during monitor procedure. Thus the scheme has the property of robustness. Since the proposed theme is threshold key escrow scheme, monitor agency can easily reconstruct session key sk when an escrow agency or few agencies is not cooperating. In addition, it can also resist LEAF feedback attacks.
| Original language | English |
|---|---|
| Pages (from-to) | 346-350 |
| Number of pages | 5 |
| Journal | Jisuanji Xuebao/Chinese Journal of Computers |
| Volume | 25 |
| Issue number | 4 |
| State | Published - Apr 2002 |
| Externally published | Yes |
Keywords
- ElGamal cryptosystem
- Escrow agent
- Key escrow
- Monitor
- Threshold scheme