For some protocols no party should be in the sole possession of the secret key. Rather, during distributed key generation every party obtains a share

Secret sharing

Secret sharing refers to method for distributing a secret amongst a group of participants, each of whom is allocated a share of the secret. The secret can be reconstructed only when a sufficient number of shares are combined together; individual shares are of no use on their own.More formally, in a...

 of the key. A threshold of the participating parties need to cooperate in order to achieve a cryptographic task, such as decrypting a message.

In this sense distributed key generation is a logical preliminary step for doing threshold decryption

Threshold cryptosystem

In cryptography, a cryptosystem is called a 'threshold cryptosystem', if in order to decrypt an encrypted message a number of parties exceeding a threshold is required to cooperate in the decryption protocol. The message is encrypted using a public key and the corresponding private key is shared...

 without need for a trusted third party

Trusted third party

In cryptography, a trusted third party is an entity which facilitates interactions between two parties who both trust the third party; The Third Party reviews all critical transaction communications between the parties, based on the ease of creating fraudulent digital content. In TTP models, the...

There are different algorithms for different key types. Gennaro et al. introduced a secure protocol for discrete log-based systems in 1999. Boneh and Franklin designed in 1997 a protocol for distributed RSA key generation for three or more parties . In 1999, a paper by Gilboa introduced two party distributed RSA key generation. An open source software for this protocol is available at .