
I am trying to sign a certificate (X.509) using secret sharing. That is, shareholders combine their signatures to produce the final signature, which in this case will be the signed certificate. However, practically, from my understanding only one entity can sign a certificate. Therefore I want to know:

  1. Which entities or data of the X.509 certificate are actually taken as input to the signing algorithm?
  2. Ideally I want this data to be signed by the shareholders and then the final combination to be passed to the X.509 certificate as a valid signature.
  3. Is this possible?
  4. How could it be done?
  5. If not, are there other alternatives?
CodesInChaos
eskoba

1 Answer

I'm not quite sure if I understand you correctly.

As far as I understand it, you want to produce a threshold signature on the hash value of an X.509 certificate. It is not clear whether you require distributed key generation of the private key, or whether you are in possession of the signing key and distribute shares of the key to all stakeholders.

1) Actually, in the case of X.509 certificates, you sign the hash value of the certificate fields.

2&3) Yes, this is possible by using any threshold signature scheme together with the hash-then-sign paradigm. You may look here for a related question.

4) Either run a distributed key generation, or generate the key pair for the signature scheme and distribute the shares of the private key to the stakeholders (put the public key in your (self-signed) CA cert). Then, to sign an X.509 certificate, compute the hash value and run the distributed signing algorithm on it. Integrate the resulting signature into the X.509 certificate.

DrLecter
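The procedure in step 4 of the answer, carried through end to end as an added example (this is not code from the question or the answer; it is a minimal illustration written for this page). It uses the simplest threshold RSA there is: the private exponent d is split additively among all shareholders, each shareholder raises the encoded hash to its own share, and the combiner multiplies the partial results, which yields exactly the signature a single holder of d would have produced. Assumptions, all mine: a trusted dealer generates the key and knows phi (so this is the "distribute shares of the key" branch of the answer, not a DKG); the sharing is n-of-n, so every shareholder must take part (a t-of-n scheme such as Shoup's threshold RSA needs more machinery and is not shown); the bytes labelled `TBS_STANDIN` are a constructed stand-in for the DER-encoded tbsCertificate, which is what a real X.509 signer hashes; and the hash is encoded as sha256WithRSAEncryption does (SHA-256 inside EMSA-PKCS1-v1_5), so the resulting integer is what would go into the certificate's signatureValue BIT STRING. The names `rsa_keygen`, `split_private_exponent`, `partial_sign`, `combine_partials`, `verify`, `threshold_sign_tbs` and `demo` are mine.

```python
"""Hash-then-sign threshold RSA for an X.509-style certificate body (added example)."""
import hashlib
import math
import secrets


# ---- key generation by a trusted dealer (assumption: no distributed key generation) ----
def is_probable_prime(n, rounds=40):
    """Miller-Rabin probable-prime test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        x = pow(a, d, n)
        if x == 1 or x == n - 1:
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def rsa_keygen(bits=2048, e=65537):
    """Return (n, e, d, phi). phi never leaves the dealer; it is only needed to split d."""
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return p * q, e, pow(e, -1, phi), phi


# ---- what is actually signed: EMSA-PKCS1-v1_5 over SHA-256 of the DER body (RFC 8017 9.2) ----
SHA256_DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")


def emsa_pkcs1_v15(tbs_der, k):
    """Encode SHA-256(tbs_der) into k bytes exactly as sha256WithRSAEncryption does."""
    t = SHA256_DIGEST_INFO + hashlib.sha256(tbs_der).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for SHA-256 PKCS#1 v1.5")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


# ---- n-of-n additive sharing of the private exponent ----
def split_private_exponent(d, phi, n_shares):
    """Shares sum to d mod phi; any n_shares-1 of them reveal nothing about d."""
    shares = [secrets.randbelow(phi) for _ in range(n_shares - 1)]
    shares.append((d - sum(shares)) % phi)
    return shares


def partial_sign(encoded_int, share, n):
    """Run by one shareholder: m^(d_i) mod n. The shareholder never sees d."""
    return pow(encoded_int, share, n)


def combine_partials(partials, n):
    """Run by the combiner: product of partials = m^(sum d_i) = m^d mod n."""
    sig = 1
    for s in partials:
        sig = sig * s % n
    return sig


def verify(tbs_der, signature, n, e):
    """Ordinary RSA verification; a relying party cannot tell the signature was thresholded."""
    k = (n.bit_length() + 7) // 8
    return pow(signature, e, n) == int.from_bytes(emsa_pkcs1_v15(tbs_der, k), "big")


def threshold_sign_tbs(tbs_der, shares, n):
    """Hash the certificate body, fan the encoded hash out to the shareholders, combine."""
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(emsa_pkcs1_v15(tbs_der, k), "big")
    return combine_partials([partial_sign(m, s, n) for s in shares], n)


# Constructed stand-in for the DER encoding of the tbsCertificate SEQUENCE (not real DER).
TBS_STANDIN = b"constructed stand-in for DER-encoded tbsCertificate: CN=example, notAfter=..."


def demo(bits=1024, n_shares=3):
    """Returns (full signature verifies, equals centralised signature, n-1 shares verify)."""
    n, e, d, phi = rsa_keygen(bits)
    shares = split_private_exponent(d, phi, n_shares)
    sig = threshold_sign_tbs(TBS_STANDIN, shares, n)
    k = (n.bit_length() + 7) // 8
    centralised = pow(int.from_bytes(emsa_pkcs1_v15(TBS_STANDIN, k), "big"), d, n)
    # Failure mode: with one shareholder missing the product is not a valid signature.
    missing_one = threshold_sign_tbs(TBS_STANDIN, shares[:-1], n)
    return verify(TBS_STANDIN, sig, n, e), sig == centralised, verify(TBS_STANDIN, missing_one, n, e)


if __name__ == "__main__":
    print(demo())
```

Two caveats a practitioner would want: the dealer in this variant knows d, so the scheme only removes the single signer at signing time, not at key-generation time (that is what the answer's DKG alternative buys you); and because the shares are additive, the scheme is all-or-nothing, so a shareholder that goes offline blocks certificate issuance until a proper t-of-n threshold RSA is used instead.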