Adaptively Secure Threshold Cryptography without the Assumption of Erasure

We exhibit eecient threshold cryptosystems which are secure against adaptive adversaries even when the players cannot erase their local data. Speciically, we present erasure-free adaptively-secure protocols for distributed decryption in Cramer-Shoup cryptosystem. Our techniques are also applicable for distributing the secret-key operation of other cryptosystems, like RSA, DSS, and ElGamal, as well as for the distributed key generation for discrete-log based schemes. Recently, CGJ + 99,FMY99a-b] introduced several eecient adaptively-secure threshold cryptosystems whose security relies on the ability of the uncorrupted players to safely erase most of the secret data produced during the protocol execution. However, secure erasure of data is hard to implement in practice: It requires specialized hardware and operating systems, and even then it remains a costly operation. By introducing a few subtle but crucial modiications to the protocols and the analytic techniques of CGJ + 99,FMY99a-b], and by devising an eecient implementation of a novel primitive of a selectively secure encryption, we remove the need to recourse to erasures in these protocols. Our ElGamal-based implementation of a selectively secure encryption is the rst eecient implementation of secure channels in erasure-free adaptive model, for the wide but special class of multi-party computation protocols.