NCSU Institutional Repository >
NC State Theses and Dissertations >
Theses >

Please use this identifier to cite or link to this item: http://www.lib.ncsu.edu/resolver/1840.16/545

Title: Asymmetric Key Distribution
Authors: Sonalker, Anuja Anilkumar
Advisors: Dr Gregory T. Byrd, Chair
Dr Peng Ning, Member
Dr Ken Vu, Member
Issue Date: 12-Apr-2002
Degree: MS
Discipline: Computer Engineering
Abstract: Currently, in Threshold Public Key Systems key shares are generated uniformly and distributed in the same manner to every participant. We propose a new scheme, Asymmetric Key Distribution (AKD), in which one share server is provided with a larger, unequal chunk of the original secret key. Asymmetric Key Distribution is a unique scheme for generating and distributing unequal shares via a Trusted Dealer to all the registered peers in the system such that without the combination of the single compulsory share from the Special Server no transaction can be completed. This application is aimed for circumstances where a single party needs to co-exist within a group of semi-trusted peers, or in a coalition where every entity should have a choice to participate and one of the entities needs to be privileged with more powers. This thesis presents the algorithm and security model for Asymmetric Key Distribution, along with all the assumptions and dependencies within the boundaries of which this algorithm is guaranteed to be secure. Its robustness lies in its simplicity and in its distributed nature. We address all security concerns related to the model including compromised share servers and cryptanalytic attacks. A variation, called the Dual Threshold Scheme, is created to reduce the vulnerability in the algorithm, namely, the compromise of the Special Server and its secret share. In this scheme, a combination of another threshold number of Distributed Special Servers must combine to collectively generate a share equivalent to the Special Server's share. This flexibility allows us to adjust our threshold scheme for the environment. We describe a Java-based implementation of the AKD algorithm, using Remote Method Invocation (RMI) for communication among share servers. A typical scenario of a Trusted Dealer, a Special Server and a number of Share Servers was created, where timed asymmetric key generation and distribution was carried out after which the servers initiated and carried out certificate signing transactions in the appropriated manner. As an interesting exercise, the share servers were corrupted so that they would try to exclude the Special Server in the transactions and try to form its share themselves, to observe the consequence. All their efforts were futile. Another interesting aspect was the key generation timing. Key generation is known to be a very time-extensive process but the key share reuse concept used in this implementation reduced the time for key generation by 66-90% of the classical key generation time.
URI: http://www.lib.ncsu.edu/resolver/1840.16/545
Appears in Collections:Theses

Files in This Item:

File Description SizeFormat
etd.pdf217.42 kBAdobe PDFView/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.