Cite this article
  • Guo Xian, Han Mengying, Feng Tao, Cheng Yudan, Jia Wenjuan. Efficient Asynchronous Distributed Key Generation [J]. Journal of Cyber Security, accepted.
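Efficient Asynchronous Distributed Key Generation Protocol
Guo Xian, Han Mengying, Feng Tao, Cheng Yudan, Jia Wenjuan
(Lanzhou University of Technology)
Abstract:
Current research on distributed key generation (DKG) is still confined to idealized synchronous network environments and overlooks the pervasive challenge of asynchrony in real networks. Once the network violates the synchrony assumption, protocols become vulnerable to attack. Although recent research on asynchronous distributed key generation (ADKG) protocols has made notable progress, their performance remains considerably limited. This paper first designs a simple and efficient asynchronous complete secret sharing (EACSS) mechanism. The mechanism is suited to asynchronous networks of n=3t+1 participants and uses batching to generate the n shares and the non-interactive zero-knowledge (NIZK) proofs of their validity in bulk, improving the Dealer's computational efficiency. In addition, the Dealer waits until it has received 2t+1 acknowledgements or until 2Δ time has elapsed (whichever takes longer), so that it can encrypt the shares of the participants whose acknowledgements were not received using the Joye-Libert-based publicly verifiable encryption (JL-PVE) mechanism, and it broadcasts the resulting ciphertexts and their validity proofs to all participants via the asynchronous reliable broadcast (RBC) mechanism; this solves the asynchronous termination problem and gives the protocol partial public verifiability. Using EACSS as the building block of the sharing phase and a reproposable asynchronous binary Byzantine agreement (RABA) protocol as the building block of the agreement phase, in order to reach agreement on the set of aggregated key shares, we construct an efficient asynchronous distributed key generation (EADKG) protocol. The sharing phase of EADKG fully inherits the security properties of EACSS, and the RABA protocol in the agreement phase allows the sharing and agreement phases to execute fully in parallel, improving the overall efficiency of the protocol. The new protocol not only remains secure in network environments with  corrupted participants and achieves optimal fault tolerance (i.e., it tolerates  corrupted participants), but also ensures that the generated threshold key is a field element, giving it broad applicability. The protocol achieves a total expected communication cost of O(λn³) and a computation cost of O(n log n) (per participant), and terminates in an expected O(log n) rounds. Finally, theoretical analysis shows that the new protocol meets the security and performance requirements.
Key words:  distributed key generation  secret sharing  publicly verifiable encryption  binary Byzantine agreement protocol  reliable broadcast
DOI:
Submitted: 2025-01-09  Revised: 2025-06-27
Funding: National Natural Science Foundation of China (No. 61461027), Science and Technology Program of Gansu Province (No. 20JR5RA467)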
Efficient Asynchronous Distributed Key Generation
Guo Xian, Han Mengying, Feng Tao, Cheng Yudan, Jia Wenjuan
(Lanzhou University of Technology)
Abstract:
Current research on Distributed Key Generation (DKG) remains largely confined to idealized synchronous network models, ignoring the common challenges posed by the asynchronous nature of real-world networks. When network conditions violate synchrony assumptions, existing protocols become vulnerable to attacks. Although recent research on Asynchronous Distributed Key Generation (ADKG) has achieved significant progress, ADKG protocols still face significant performance limitations. This paper first designs a simple and Efficient Asynchronous Complete Secret Sharing (EACSS) scheme for asynchronous networks with n=3t+1 participants. Leveraging a batch processing technique, the scheme efficiently generates n shares along with their Non-Interactive Zero-Knowledge (NIZK) proofs of validity, substantially improving computational efficiency for the Dealer. Furthermore, to resolve asynchronous termination and achieve partial public verifiability, the Dealer waits to receive either 2t+1 confirmations or for 2Δ time (whichever is longer), then encrypts unacknowledged shares using the Joye-Libert Publicly Verifiable Encryption (JL-PVE) mechanism, and broadcasts the resulting ciphertext with validity proofs to all participants via the Asynchronous Reliable Broadcast (RBC) mechanism. Building upon EACSS as the sharing phase module and employing the Reproposable Asynchronous binary Byzantine Agreement (RABA) protocol as the consensus phase module to reach agreement on the aggregated key shares, we construct an Efficient Asynchronous Distributed Key Generation (EADKG) protocol. The sharing phase of EADKG fully inherits the security properties of EACSS, while the RABA-based consensus phase enables fully parallel execution of the sharing and consensus phases, thereby enhancing overall protocol efficiency. The new protocol not only maintains security in networks with t
Key words:  distributed key generation  secret sharing  publicly verifiable encryption  binary Byzantine agreement  reliable broadcast