Adaptively-Secure Distributed Public-Key Systems

When attacking a distributed protocol, an adaptive adversary is able to determine its actions (e.g., which parties to corrupt) at any time based on its entire view of the protocol including the entire communication history. Proving security of cryptographic protocols against adaptive adversaries is a fundamental problem in cryptography. In this paper, we consider distributed public-key systems which are secure against an adaptive adversary. Speci4cally, we construct distributed discrete-log-based and RSA-based public-key systems secure against an adaptive adversary. We also extend the discrete-log-based systems to have proactive security, that is, security against an (adaptive) mobile adversary that has an upper bound on the number of servers it may corrupt at any one time, but no upper bound on the number of servers it may corrupt over the lifetime of the system. c © 2002 Elsevier Science B.V. All rights reserved.