Introduction| Requirements| Download| Development| Packages| References|

Distributed Privacy Guard


The Distributed Privacy Guard (DKGPG) implements Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP. The generated public keys are compatible with the standard and thus can be used by any RFC4880-compliant application (e.g. GnuPG). The main purposes of this software are distributing power among multiple parties, eliminating single points of failure, and increasing the difficulty of side-channel attacks on private key material.

DKGPG consists of a bunch of simple command-line programs. The current implementation is in experimental state and should NOT be used in production environments. Motivation, cryptographical background and some usage scenarios have been presented at 26th Krypto-Tag (GI Working Group) and Datengarten/81 (CCCB). Please consult the slides for a first overview. There are some updated slides (35C3).

Using well-established multi-party protocols a shared private key and a common public key (currently DSA/ElGamal only) is generated. Then further interactive protocols perform the private operations like decryption and signing of files and keys, provided that a previously defined threshold of parties/devices take part in the distributed computation. Due to the interactiveness of the protocols a lot of messages between participating players have to be exchanged in a secure way. We employ GNUnet, and in particular its mesh routed CADET service, to establish private and broadcast channels for this message exchange. However, as alternative to GNUnet a simple TCP/IP based service for message exchange is included. With torsocks and port-forwarding of a local hidden service this allows running the interactive programs over the well-known Tor network. (Of course, a local network will also work.)

Distributed Privacy Guard is Free Software according to the definition of the Free Software Foundation. The source code is released under the GNU General Public License Version 2, or (at your option) any later version published by the Free Software Foundation.


The package depends on following free software libraries:

For building the optional GNUnet support a very recent GNUnet version (at least v0.11.x) must be present at configure-time, compile-time, and runtime of DKGPG:


The most recent version of DKGPG is dkgpg-1.1.3.tar.gz. Older versions are available on the download page.

Please verify the signature with a trusted version of the GNU Privacy Guard or any other OpenPGP-compliant software before you unzip the above file. The corresponding public key (will be revoked soon) can be found here. Additionally, you should verify the signature of my distributed code signing key. The corresponding public key can be found on several key servers.


Distributed Privacy Guard is developed and maintained by Heiko Stamer. The development page (including the bug tracker and GIT repository) is provided by nonGNU/Savannah.


Packaging status


The cryptographic background and a detailed discussion of the implementation issues are beyond the scope of this web page. The interested reader is referred to the following papers:
Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Secure Distributed Key Generation for Discrete-Log Based Cryptosystems. Journal of Cryptology, Vol. 20 Nr. 1, Springer 2007.
Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Adaptive Security for Threshold Cryptosystems. Advances in Cryptology -- Proceedings of CRYPTO '99, Lecture Notes in Computer Science 1666, Springer 1999.
Ronald Cramer, Rosario Gennaro, and Berry Schoenmakers. A Secure and Optimally Efficient Multi-Authority Election Scheme. Advances in Cryptology -- Proceedings of EUROCRYPT '97, Lecture Notes in Computer Science 1233, Springer 1997.
Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Robust Threshold DSS Signatures. Advances in Cryptology -- Proceedings of EUROCRYPT '96, Lecture Notes in Computer Science 1070, Springer 1996.

Copyright © 2017--2019 Heiko Stamer

This page is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.