Research On Application Of Secure Multi-party Computation To Key Agreement

Secure multi-party computation, which deals mainly with the multi-party cooperationcomputating with privacy preserved, plays an important role in cryptography. In this dissertation,we analysis the difference and relation between secure multi-party computation and keyagreement in the view of subordination and execution, as well as research on how to applysimulation theory, basic protocols and typical problems of secure multi-party computation to keyagreement.The security simulation theory of secure multi-party computation is investigated, as well asBCK security model and UC security model which are based on the theory. According to this, amodular design of key agreement protocol is proposed which can produce a protocol with UCsecurity in the unauthenticated model.A key agreement protocol PSKA-I based on passwords in authenticated model is introduced,which use the oblivious polynomial evaluation as its kernel, and then protocol PSKA-II, whichwoks in the unauthenticated model and can resist the active attack, is obtained from PSKA-I bythe above modular design. Simultaneously, protocol PSKA-III with good performance use thevector production to realize key agreement by an oblivious third party.In this disertation, a secure solution to Yao's millionaires'problem, which is transferred tothe set intersection problem by 0-encoding and 1-encoding, is proposed based on communtativeencryption scheme. We also research on the application of Yao's millionaires'problem to keyagreement, and design a key agreement protocol in authenticated model, which doesn't need topreset secret information.With respect to current distributed key generation protocol not adapting to dynamic groups,a new adaptive one based on verified secret sharing is presented, which is able to add andremove members dynamically by refreshing the public parameter without altering the private andpublic key. At the same time, a simulator is constructed by the simulation theory of securemulti-party computation to prove its security. What's more, for most of the subsecrets can beused repeatedly, the efficiency is improved with the communication cost reduced.