

4 Tools

LibTMCG provides some additional programs that may be of independent interest. Please consult the corresponding manual pages for further information.

4.1 Distributed Key Generation and Threshold Cryptography

We have implemented a robust and secure protocol for Distributed Key Generation (DKG) of public-key cryptosystems (see Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin: Secure Distributed Key Generation for Discrete-Log Based Cryptosystems, Journal of Cryptology, Vol. 20 Nr. 1, Springer 2007). Moreover, LibTMCG also provides a robust protocol for threshold DSA/DSS (see Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin: Adaptive Security for Threshold Cryptosystems, Advances in Cryptology – Proceedings of CRYPTO ’99, Lecture Notes in Computer Science 1666, Springer 1999). The program dkg-generate provides an implementation for DSA and the ElGamal cryptosystem and outputs the corresponding keys in OpenPGP format (see J. Callas, L. Donnerhacke, H. Finney, D. Shaw, R. Thayer: OpenPGP Message Format, Network Working Group, Request for Comments: 4880, November 2007). Key generation needs a large amount of high-quality randomness (cf. D. Eastlake, J. Schiller, and S. Crocker: Randomness Requirements for Security, Network Working Group, Request for Comments: 4086, June 2005), which is obtained from the GNU Crypto Library (libgcrypt). As a consequence, the execution will slow down or even fail on systems (e.g. headless servers) where only low-entropy sources for /dev/random are available.

Because the protocols are interactive, the participating parties have to exchange a lot of messages in a secure way. We employ GNUnet, and in particular its mesh-routed CADET service, to establish private and broadcast channels for this message exchange. The well-known reliable broadcast protocol (see CachinKursawePetzoldShoupRBC) is used as the mechanism to achieve some validity, consistency, and totality in a most likely asynchronous communication environment for t < n/3. However, there are still some limitations due to the predefined timeout values. Such problems can be recognized by looking for timeout error messages on STDERR.

The program dkg-encrypt encrypts a text message for a given public key in OpenPGP format. It uses AES256 as the symmetric cipher and ElGamal as the public-key algorithm. A similar encryption can be done by any OpenPGP-compatible implementation. Conversely, a corresponding threshold decryption protocol (see Ronald Cramer, Rosario Gennaro, and Berry Schoenmakers: A Secure and Optimally Efficient Multi-Authority Election Scheme, Advances in Cryptology – EUROCRYPT ’97, LNCS 1233, pp. 103–118, 1997) has been implemented in the program dkg-decrypt. It provides an interactive version and a non-interactive version for computing, verifying, and combining the required decryption shares.
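The three steps named above (computing, verifying, and combining decryption shares) can be shown on a toy ElGamal group, with each share carrying a discrete-log equality proof in the style of the cited Cramer, Gennaro, Schoenmakers scheme. This is an added example, not LibTMCG code: the group parameters, the trusted-dealer `share_key` that stands in for the DKG, the hash encoding and all function names are assumptions made for illustration.

```python
import hashlib, secrets

# Toy group, constructed for this example and far too small for real use:
# P = 2Q + 1 with P, Q prime; G generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4

def share_key(x, t, n):
    """Trusted-dealer Shamir sharing (stand-in for the DKG): any t+1 of n recover x."""
    coeffs = [x] + [secrets.randbelow(Q) for _ in range(t)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def encrypt(y, m):
    """Plain ElGamal: (c1, c2) = (g^k, m * y^k)."""
    k = secrets.randbelow(Q - 1) + 1
    return pow(G, k, P), m * pow(y, k, P) % P

def challenge(*vals):
    """Fiat-Shamir challenge; the repr() encoding is an ad-hoc choice for the demo."""
    return int.from_bytes(hashlib.sha256(repr(vals).encode()).digest(), "big") % Q

def decryption_share(i, x_i, c1):
    """Party i: d = c1^x_i plus a proof that log_g(g^x_i) == log_c1(d)."""
    d, v = pow(c1, x_i, P), pow(G, x_i, P)
    w = secrets.randbelow(Q)
    a, b = pow(G, w, P), pow(c1, w, P)
    e = challenge(i, v, c1, d, a, b)
    return d, (a, b, (w + e * x_i) % Q)

def verify_share(i, v_i, c1, d, proof):
    """Check the proof against party i's public verification key v_i = g^x_i."""
    a, b, r = proof
    e = challenge(i, v_i, c1, d, a, b)
    return (pow(G, r, P) == a * pow(v_i, e, P) % P
            and pow(c1, r, P) == b * pow(d, e, P) % P)

def combine(shares, c2):
    """Lagrange-interpolate {i: d_i} in the exponent at 0, then remove the mask."""
    mask = 1
    for i, d in shares.items():
        lam = 1
        for j in shares:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        mask = mask * pow(d, lam, P) % P
    return c2 * pow(mask, -1, P) % P
```

A share that fails `verify_share` is discarded before `combine`; any t+1 valid shares yield the same plaintext, and the secret key x is never reassembled.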

The program dkg-sign creates a detached signature on a binary file for a shared DSA/DSS key, if a threshold of the parties work together in an interactive signing protocol. Such a detached signature can be verified with any OpenPGP-compatible implementation. Thus it solves the problem of distributing the power of code-signing without secret key splitting (e.g. libgfshare) and laborious reconstruction ceremonies.

Please note that building dkg-generate, dkg-sign and the interactive version of dkg-decrypt requires the development files of a very recent GNUnet version (at least v0.11.x, which at the time of writing has not yet been released) to be present at configure time and compile time of LibTMCG, respectively. However, as an alternative to GNUnet, a built-in TCP/IP-based service for message exchange is included.

The current implementation is in an experimental state and should not be used in production environments. The motivation, cryptographic background and some usage scenarios were presented recently at the 26th Krypto-Tag. Please consult the slides for a first overview.

Please report any bugs to the maintainer of LibTMCG. Any help with development or testing of these tools is very welcome!

