Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
Citations
2,661 citations
1,744 citations
Cites background from "Non-Interactive and Information-The..."
...Commitment protocols were first introduced by Blum [1] in 1982; many more Commitment Schemes were later developed with improved features [5, 6, 7, 8, 12, 13]....
[...]
[...]
1,481 citations
1,051 citations
Cites methods from "Non-Interactive and Information-The..."
...Recall the Pedersen commitment scheme [33]: given a group G of prime order q with generators g and h, a commitment to x ∈ Zq is formed by choosing a random r ← Zq and setting the commitment C = gh....
[...]
975 citations
Cites background from "Non-Interactive and Information-The..."
...DKG protocol of [22] is based on the ideas similar to the protocol of [38], has comparable complexity, but provably fixes the weakness of the latter....
[...]
...threshold DSS proposed in [21] use the distributed key generation protocol (DKG) of Pedersen [38]....
[...]
...Some threshold signature scheme, e.g. threshold DSS proposed in [21] use the distributed key generation protocol (DKG) of Pedersen [38]....
[...]
...However, [22] point out the weakness of DKG of [38]....
[...]
References
14,340 citations
3,184 citations
- If no faults occur, no set of size
t <n /2 of players gets any additional information (other than the function value), - Even if Byzantine faults are allowed, no set of size
t <n /3 can either disrupt the computation or get additional information.
2,298 citations
2,207 citations
1,663 citations