How to make a collective RSA signature without generating a shared public key?

M

musikman08082018-11-06 20:41:27

AES

musikman0808, 2018-11-06 20:41:27

How to make a collective RSA signature without forming a common public key, while the signature must be one common.
Guys, someone is familiar with such an algorithm? I will be glad to any answer.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

C

CHolfield, 2019-02-23
@CHolfield

Generate an RSA key pair as usual, with a minimum key length of 4096 bits.
Divide the resulting secret key into pieces according to the number of participants. The pieces are not necessarily equal in length.
Encrypt each piece with the participant's public key and send him the encrypted piece.
After sending, delete the whole secret key.
That's it, now the use of this key for signing a bullet is possible only if all participants return the decrypted pieces and some program assembles into a whole key and then signs the data. These operations must be performed on a secure device, clean the memory after each session, etc. But in general, the scheme, I hope, is clear. It is called a shared secret or RSA shared secret.