LibTMCG provides some additional protocols that may be of independent interest.
We have implemented a robust and secure protocol for Distributed Key Generation (DKG) of public-key cryptosystems (see Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin: Secure Distributed Key Generation for Discrete-Log Based Cryptosystems, Journal of Cryptology, Vol. 20 Nr. 1, Springer 2007). Moreover, LibTMCG also provides a robust and secure protocol for threshold DSA/DSS (see Ran Canetti, Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin: Adaptive Security for Threshold Cryptosystems, Advances in Cryptology – Proceedings of CRYPTO ’99, Lecture Notes in Computer Science 1666, Springer 1999). Robustness and security means that up to t \le n/2 resp. t \le n/3 parties can act maliciously and the protocols still produce some result (e.g. a valid DSA/DSS signature on a given hash value).
The current implementation is in experimental state and should not be used in production environments. Motivation, cryptographical background and some usage scenarios have been presented recently at 26th Krypto-Tag (GI Working Group) and Datengarten/81 (CCCB). Please consult the slides for a first overview. The former DKG tools have been removed from this release. These programs are continued in a separate package called Distributed Privacy Guard (DKGPG).
Please report any bugs to the maintainer of LibTMCG. Every help with development or testing of these DKG protocols and programs is very welcome!
We have implemented two basic variants for oblivous transfer (see Moni Naor
and Benny Pinkas: Efficient Oblivious Transfer Protocols, Proceedings of
the Symposium on Discrete Algorithms (SODA), ACM/SIAM 2001) in the class
NaorPinkasEOTP: a 1-out-of-2 transfer and a 1-out-of-N transfer.
The chooser’s security is based on the DDH assumption and the sender’s security
is information-theoretic.