View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0003400||GNUnet||secret sharing service||public||2014-05-08 00:46||2014-05-08 09:43|
|Reporter||Florian Dold||Assigned To||Florian Dold|
|Priority||normal||Severity||feature||Reproducibility||have not tried|
|Target Version||Fixed in Version|
|Summary||0003400: distributed key generation is susceptible to rushing attack|
|Description||As currently implemented, the distributed key generation protocol is susceptible to the rushing attack as described by Fouque (allowing a player to skew/select the public key).|
When using a commit/reveal scheme for simulating the incoercible third party, we might run into the same issues as the original Pedersen protocol.
The only advantage of the (much more complex) Fouque scheme would then be the "easier" complaint handling (compared to Pedersen).
Maybe a (very simple) collective coin tossing protocol would work (e.g. majority bit in a string)?
|Tags||No tags attached.|
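An added toy model of the weakness reported above, not GNUnet's code and not part of the original report: it shows how a player who speaks last can steer a product-of-contributions public key, how a hash commitment published beforehand lets verifiers reject the substituted value, and why withholding a reveal still leaves a choice between two keys. The group parameters, function names, nonce, and the rule that silent players are simply dropped are assumptions made for this illustration.

```python
import hashlib

# Toy group, constructed for illustration (far too small for real use):
# G generates the order-Q subgroup of Z_P^*.
P, Q, G = 23, 11, 4

def contribution(x):
    """Public contribution h_i = G^x_i mod P for a player's secret x_i."""
    return pow(G, x, P)

def joint_key(contribs):
    """Joint public key: product of all accepted contributions."""
    h = 1
    for c in contribs:
        h = h * c % P
    return h

def rushing_choice(seen, target):
    """Last mover picks x after seeing the others so the joint key hits target."""
    for x in range(Q):
        if joint_key(seen + [contribution(x)]) == target:
            return x
    return None

def commit(value, nonce):
    """Hash commitment to a contribution, published before anyone reveals."""
    return hashlib.sha256(nonce + value.to_bytes(2, "big")).hexdigest()

def reveal_ok(commitment, value, nonce):
    """Verifier check: accept a revealed value only if it opens the commitment."""
    return commit(value, nonce) == commitment

def abort_options(honest, own):
    """Keys a committed player can still select by revealing or staying silent,
    assuming (toy rule) that silent players are dropped from the product."""
    return {joint_key(honest + [own]), joint_key(honest)}

def demo():
    honest = [contribution(3), contribution(7)]   # constructed honest inputs
    target = contribution(1)                      # key the last mover wants
    x_adv = rushing_choice(honest, target)        # no commitments: key is steered
    skewed = joint_key(honest + [contribution(x_adv)])
    nonce = b"constructed-nonce"
    committed = commit(contribution(5), nonce)    # bound before seeing the others
    rejected = not reveal_ok(committed, contribution(x_adv), nonce)
    return x_adv, skewed, rejected, abort_options(honest, contribution(5))

if __name__ == "__main__":
    print(demo())
```

The last element of the result is the residual bias: even when the substituted value is rejected, the committed player still decides which of two keys the group ends up with.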