Difference between revisions of "Projects:DistributedPrivacyGuard"

From 34C3_Wiki
Jump to: navigation, search
m
(added assembly)
Line 3: Line 3:
 
|Has description=The Distributed Privacy Guard implements Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP. The generated public keys are compatible with the standard and thus can be used by any RFC4880-compliant application (e.g. GnuPG). The main purposes of this software are distributing power among multiple parties, eliminating single points of failure, and increasing the difficulty of side-channel attacks on private key material.
 
|Has description=The Distributed Privacy Guard implements Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP. The generated public keys are compatible with the standard and thus can be used by any RFC4880-compliant application (e.g. GnuPG). The main purposes of this software are distributing power among multiple parties, eliminating single points of failure, and increasing the difficulty of side-channel attacks on private key material.
 
|Has website=https://savannah.nongnu.org/projects/dkgpg/
 
|Has website=https://savannah.nongnu.org/projects/dkgpg/
 +
|Located at assembly=Cryptocol
 
}}
 
}}
 
The Distributed Privacy Guard (DKGPG) implements [https://en.wikipedia.org/wiki/Distributed_key_generation Distributed Key Generation] (DKG) and [https://en.wikipedia.org/wiki/Threshold_cryptosystem Threshold Cryptography] for [http://openpgp.org OpenPGP]. The generated public keys are compatible with the standard and thus can be used by any RFC4880-compliant application (e.g. GnuPG). The main purposes of this software are distributing power among multiple parties, eliminating single points of failure, and increasing the difficulty of side-channel attacks on private key material.
 
The Distributed Privacy Guard (DKGPG) implements [https://en.wikipedia.org/wiki/Distributed_key_generation Distributed Key Generation] (DKG) and [https://en.wikipedia.org/wiki/Threshold_cryptosystem Threshold Cryptography] for [http://openpgp.org OpenPGP]. The generated public keys are compatible with the standard and thus can be used by any RFC4880-compliant application (e.g. GnuPG). The main purposes of this software are distributing power among multiple parties, eliminating single points of failure, and increasing the difficulty of side-channel attacks on private key material.

Revision as of 22:14, 15 November 2017

Description The Distributed Privacy Guard implements Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP. The generated public keys are compatible with the standard and thus can be used by any RFC4880-compliant application (e.g. GnuPG). The main purposes of this software are distributing power among multiple parties, eliminating single points of failure, and increasing the difficulty of side-channel attacks on private key material.
Has website https://savannah.nongnu.org/projects/dkgpg/
Persons working on HS
Tags crypto, openpgp, GNUnet
Located at assembly Assembly:Cryptocol
Other projects...

refresh

The Distributed Privacy Guard (DKGPG) implements Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP. The generated public keys are compatible with the standard and thus can be used by any RFC4880-compliant application (e.g. GnuPG). The main purposes of this software are distributing power among multiple parties, eliminating single points of failure, and increasing the difficulty of side-channel attacks on private key material.

Using well-established multi-party protocols a shared private key and a common public key (DSA/ElGamal) is generated. Then further interactive protocols perform the private operations like decryption and signing of messages, provided that a previously defined threshold of parties/devices take part in the distributed computation.

The security is based on the assumption that computing discrete logarithms in large prime order subgroups of Zp is hard. The current implementation is in experimental state and should NOT be used in production environments. Details about implementation can be found in these presentation slides.

Due to the interactiveness of the protocols a lot of messages between participating parties have to be exchanged in a secure way. We employ GNUnet, and in particular its mesh routed CADET service, to establish private and broadcast channels for this message exchange. A reliable broadcast protocol from LibTMCG is used as mechanism to achieve some validity, consistency, and totality in a hopefully partially synchronous communication environment.