Threshold RSA is a public-key cryptographic algorithm that allows a private RSA key to be shared among a group of partial-key holders such that a subset of them can collaborate to generate digital signatures or perform message decryption. We identify new possibilities introduced by the adoption of threshold RSA in agent applications....[ Read more ]

Threshold RSA is a public-key cryptographic algorithm that allows a private RSA key to be shared among a group of partial-key holders such that a subset of them can collaborate to generate digital signatures or perform message decryption. We identify new possibilities introduced by the adoption of threshold RSA in agent applications.

Hitherto, there are few studies on the vulnerabilities of threshold RSA, leaving the effectiveness of threshold RSA to agent technology unproven. To this end, we investigate the major attacks to a threshold RSA cryptosystem that adopts a threshold model of digital signing and message decryption by autonomous agents. These attacks allow an adversary to recover the private RSA key, hinder the availability of the cryptographic services or perform unauthorized digital signing or message decryption.

We suggest some practical countermeasures to combat these attacks by selecting appropriate public RSA exponents and by employing cryptographic tools such as threshold pseudorandomness, zero-knowledge proofs and asymmetric encryption. Our analysis can serve as guidelines for constructing a secure threshold RSA cryptosystem, helping to create more agent applications with better security.