\relax \citation{Shamir79} \citation{Safekeyper} \citation{Kocher98} \@writefile{toc}{\contentsline {section}{\numberline {1}Introduction}{2}} \citation{OstrovskyY91} \citation{HerzbergJKY95} \@writefile{toc}{\contentsline {subsection}{\numberline {1.1}Diversity and proactive updates}{5}} \citation{AielloBFH98} \citation{BF97} \citation{MWB98} \citation{GoldwasserM84} \citation{BellareR93} \@writefile{toc}{\contentsline {subsection}{\numberline {1.2}Generating shared keys}{6}} \@writefile{toc}{\contentsline {subsection}{\numberline {1.3}Roadmap to the rest of the report}{6}} \citation{Shamir79} \citation{Blakley79} \@writefile{toc}{\contentsline {section}{\numberline {2}Secret Sharing}{7}} \@writefile{toc}{\contentsline {subsection}{\numberline {2.1}Simple $k$-out-of-$n$ Secret Sharing}{7}} \@writefile{toc}{\contentsline {subsection}{\numberline {2.2}Shamir Secret Sharing}{7}} \citation{Berkovits91} \@writefile{toc}{\contentsline {paragraph}{Fact 1.}{8}} \@writefile{toc}{\contentsline {paragraph}{Fact 2.}{8}} \@writefile{toc}{\contentsline {paragraph}{The Dealing Protocol}{8}} \@writefile{toc}{\contentsline {paragraph}{The Combining Protocol}{8}} \@writefile{toc}{\contentsline {subsection}{\numberline {2.3}Verifiable Secret Sharing}{8}} \citation{ChorGMA85} \citation{GoldreichMW91} \citation{Feldman87} \citation{Pedersen91} \citation{Feldman87} \citation{LongW88} \citation{Pedersen91} \citation{HerzbergJKY95} \@writefile{toc}{\contentsline {subsection}{\numberline {2.4}Robust Secret Sharing}{9}} \citation{OstrovskyY91} \@writefile{toc}{\contentsline {subsection}{\numberline {2.5}Proactive Secret Sharing}{10}} \citation{OstrovskyY91} \citation{CanettiH94} \citation{HerzbergJKY95} \citation{HerzbergJKY95} \citation{Desmedt87} \citation{Boyd89} \citation{CroftH89} \citation{DesmedtF89} \citation{CerecedoMI93} \citation{Harn94} \citation{GennaroJKR96b} \citation{HerzbergJJKY97} \citation{GennaroJKR96b} \citation{HerzbergJJKY97} \@writefile{toc}{\contentsline {section}{\numberline {3}Proactive and Robust RSA Sharing}{12}} \citation{FrankelD92} \citation{DeSantisDFY94} \citation{FrankelGY96} \citation{GennaroJKR96} \citation{FrankelGMY97} \citation{FrankelGMY97b} \citation{Rabin98} \citation{FrankelGMY97b} \citation{DDB} \citation{RivestSA78} \citation{Lenstra94} \citation{MenezesVV} \@writefile{toc}{\contentsline {subsection}{\numberline {3.1}Simple RSA Sharing}{13}} \citation{Frankel89} \citation{DesmedtDB} \citation{Rabin98} \@writefile{toc}{\contentsline {paragraph}{The Recursive Scheme}{14}} \citation{HerzbergJKY95} \@writefile{lot}{\contentsline {table}{\numberline {1}{\ignorespaces \em A 3-out-of-4 sharing scheme. Each row sums to $d$. Players $S_1$, $S_2$, and $S_3$ hold the shares in the columns 1, 2, and 3, respectively. The shares in the {\rm Public} column are broadcast. Observe that any triplet of players are able to generate signatures. }}{15}} \newlabel{t:3outof4}{{1}{15}} \@writefile{lot}{\contentsline {table}{\numberline {2}{\ignorespaces \em A 3-out-of-4 sharing scheme. Each row sums to $d$. Players $S_1$, $S_2$, and $S_3$ hold the shares in the columns 1, 2, and 3, respectively. The shares in the {\rm Public} column are broadcast. As before, every triplet of players can generate a signature, however, each player need only store two shares, rather than three. }}{15}} \newlabel{t:good3outof4}{{2}{15}} \newlabel{t:7outof8}{{3.1}{16}} \@writefile{lot}{\contentsline {table}{\numberline {3}{\ignorespaces \em A recursive construction for a 7-out-of-8 sharing scheme. The two 2-out-of-2 shares of $d$ are given by the equation $d= $\unhbox \voidb@x \hbox {$d_1+D_1+d_{1,p} =$}\unhbox \voidb@x \hbox {$D_2+d_2+d_{2,p}$}. The rows denote how the sharing schemes of $d_1,D_1,D_2,d_2$ are to be matched up. }}{16}} \citation{Rabin98} \@writefile{toc}{\contentsline {paragraph}{Rabin's Scheme}{18}} \@writefile{toc}{\contentsline {subsection}{\numberline {3.2}Proactive RSA Sharing}{18}} \@writefile{toc}{\contentsline {paragraph}{The Recursive Scheme}{18}} \@writefile{toc}{\contentsline {paragraph}{Rabin's Scheme}{19}} \citation{Rabin98} \citation{GennaroJKR96} \@writefile{toc}{\contentsline {subsection}{\numberline {3.3}Robust Proactive RSA Sharing}{20}} \@writefile{toc}{\contentsline {paragraph}{Rabin's Scheme}{20}} \citation{FrankelGY96} \@writefile{toc}{\contentsline {paragraph}{Recursive Scheme}{22}} \@writefile{toc}{\contentsline {section}{\numberline {4}Summary}{23}} \bibdata{bill-darpa} \bibcite{AielloBFH98}{1} \bibcite{BellareR93}{2} \bibcite{Berkovits91}{3} \bibcite{Blakley79}{4} \bibcite{BF97}{5} \citation{CRYPTO97} \bibcite{Boyd89}{6} \bibcite{CanettiH94}{7} \bibcite{CerecedoMI93}{8} \bibcite{ChorGMA85}{9} \bibcite{CroftH89}{10} \bibcite{Desmedt87}{11} \bibcite{DesmedtF89}{12} \bibcite{Feldman87}{13} \bibcite{Frankel89}{14} \bibcite{FrankelD92}{15} \bibcite{FrankelGMY97b}{16} \bibcite{FrankelGMY97}{17} \citation{CRYPTO97} \bibcite{FrankelGY96}{18} \bibcite{GennaroJKR96}{19} \bibcite{GennaroJKR96b}{20} \bibcite{GoldreichMW91}{21} \bibcite{GoldwasserM84}{22} \bibcite{Harn94}{23} \bibcite{HerzbergJJKY97}{24} \bibcite{HerzbergJKY95}{25} \bibcite{CRYPTO97}{26} \bibcite{Kocher98}{27} \bibcite{Lenstra94}{28} \bibcite{LongW88}{29} \bibcite{MWB98}{30} \bibcite{MenezesVV}{31} \bibcite{OstrovskyY91}{32} \bibcite{Pedersen91}{33} \bibcite{Rabin98}{34} \bibcite{RivestSA78}{35} \bibcite{Safekeyper}{36} \bibcite{DeSantisDFY94}{37} \bibcite{Shamir79}{38} \bibstyle{plain}